Theory AOT_PLM

1(*<*)
2theory AOT_PLM
3  imports AOT_Axioms
4begin
5(*>*)
6
7section‹The Deductive System PLM›
8text‹\label{PLM: 9}›
9
10(* constrain sledgehammer to the abstraction layer *)
11unbundle AOT_no_atp
12
13subsection‹Primitive Rule of PLM: Modus Ponens›
14text‹\label{PLM: 9.1}›
15
16AOT_theorem "modus-ponens":
17  assumes φ and φ  ψ
18  shows ψ
19  (* NOTE: semantics needed *)
20  using assms by (simp add: AOT_sem_imp)
21lemmas MP = "modus-ponens"
22
23subsection‹(Modally Strict) Proofs and Derivations›
24text‹\label{PLM: 9.2}›
25
26AOT_theorem "non-con-thm-thm":
27  assumes  φ
28  shows  φ
29  using assms by simp
30
31AOT_theorem "vdash-properties:1[1]":
32  assumes φ  Λ
33  shows  φ
34  (* NOTE: semantics needed *)
35  using assms unfolding AOT_model_act_axiom_def by blast
36
37text‹Convenience attribute for instantiating modally-fragile axioms.›
38attribute_setup act_axiom_inst =
39  ‹Scan.succeed (Thm.rule_attribute []
40    (K (fn thm => thm RS @{thm "vdash-properties:1[1]"})))
41  "Instantiate modally fragile axiom as modally fragile theorem."
42
43AOT_theorem "vdash-properties:1[2]":
44  assumes φ  Λ
45  shows  φ
46  (* NOTE: semantics needed *)
47  using assms unfolding AOT_model_axiom_def by blast
48
49text‹Convenience attribute for instantiating modally-strict axioms.›
50attribute_setup axiom_inst =
51  ‹Scan.succeed (Thm.rule_attribute []
52    (K (fn thm => thm RS @{thm "vdash-properties:1[2]"})))
53  "Instantiate axiom as theorem."
54
55text‹Convenience methods and theorem sets for applying "cqt:2".›
56method cqt_2_lambda_inst_prover =
57  (fast intro: AOT_instance_of_cqt_2_intro)
58method "cqt:2[lambda]" =
59  (rule "cqt:2[lambda]"[axiom_inst]; cqt_2_lambda_inst_prover)
60lemmas "cqt:2" =
61  "cqt:2[const_var]"[axiom_inst] "cqt:2[lambda]"[axiom_inst]
62  AOT_instance_of_cqt_2_intro
63method "cqt:2" = (safe intro!: "cqt:2")
64
65AOT_theorem "vdash-properties:3":
66  assumes  φ
67  shows Γ  φ
68  using assms by blast
69
70AOT_theorem "vdash-properties:5":
71  assumes Γ1  φ and Γ2  φ  ψ
72  shows Γ1, Γ2  ψ
73  using MP assms by blast
74
75AOT_theorem "vdash-properties:6":
76  assumes φ and φ  ψ
77  shows ψ
78  using MP assms by blast
79
80AOT_theorem "vdash-properties:8":
81  assumes Γ  φ and φ  ψ
82  shows Γ  ψ
83  using assms by argo
84
85AOT_theorem "vdash-properties:9":
86  assumes φ
87  shows ψ  φ
88  using MP "pl:1"[axiom_inst] assms by blast
89
90AOT_theorem "vdash-properties:10":
91  assumes φ  ψ and φ
92  shows ψ
93  using MP assms by blast
94lemmas "→E" = "vdash-properties:10"
95
96subsection‹Two Fundamental Metarules: GEN and RN›
97text‹\label{PLM: 9.3}›
98
99AOT_theorem "rule-gen":
100  assumes for arbitrary α: φ{α}
101  shows α φ{α}
102  (* NOTE: semantics needed *)
103  using assms by (metis AOT_var_of_term_inverse AOT_sem_denotes AOT_sem_forall)
104lemmas GEN = "rule-gen"
105
106AOT_theorem "RN[prem]":
107  assumes Γ  φ
108  shows Γ  φ
109  by (meson AOT_sem_box assms image_iff) (* NOTE: semantics needed *)
110AOT_theorem RN:
111  assumes  φ
112  shows φ
113  using "RN[prem]" assms by blast
114
115subsection‹The Inferential Role of Definitions›
116text‹\label{PLM: 9.4}›
117
118AOT_axiom "df-rules-formulas[1]":
119  assumes φ df ψ
120  shows φ  ψ
121  (* NOTE: semantics needed *)
122  using assms
123  by (auto simp: assms AOT_model_axiomI AOT_model_equiv_def AOT_sem_imp)
124AOT_axiom "df-rules-formulas[2]":
125  assumes φ df ψ
126  shows ψ  φ
127  (* NOTE: semantics needed *)
128  using assms
129  by (auto simp: AOT_model_axiomI AOT_model_equiv_def AOT_sem_imp)
130(* NOTE: for convenience also state the above as regular theorems *)
131AOT_theorem "df-rules-formulas[3]":
132  assumes φ df ψ
133  shows φ  ψ
134  using "df-rules-formulas[1]"[axiom_inst, OF assms].
135AOT_theorem "df-rules-formulas[4]":
136  assumes φ df ψ
137  shows ψ  φ
138  using "df-rules-formulas[2]"[axiom_inst, OF assms].
139
140
141AOT_axiom "df-rules-terms[1]":
142  assumes τ{α1...αn} =df σ{α1...αn}
143  shows (σ{τ1...τn}  τ{τ1...τn} = σ{τ1...τn}) &
144         (¬σ{τ1...τn}  ¬τ{τ1...τn})
145  (* NOTE: semantics needed *)
146  using assms
147  by (simp add: AOT_model_axiomI AOT_sem_conj AOT_sem_imp AOT_sem_eq
148                AOT_sem_not AOT_sem_denotes AOT_model_id_def)
149AOT_axiom "df-rules-terms[2]":
150  assumes τ =df σ
151  shows (σ  τ = σ) & (¬σ  ¬τ)
152  by (metis "df-rules-terms[1]" case_unit_Unity assms)
153(* NOTE: for convenience also state the above as regular theorems *)
154AOT_theorem "df-rules-terms[3]":
155  assumes τ{α1...αn} =df σ{α1...αn}
156  shows (σ{τ1...τn}  τ{τ1...τn} = σ{τ1...τn}) &
157         (¬σ{τ1...τn}  ¬τ{τ1...τn})
158  using "df-rules-terms[1]"[axiom_inst, OF assms].
159AOT_theorem "df-rules-terms[4]":
160  assumes τ =df σ
161  shows (σ  τ = σ) & (¬σ  ¬τ)
162  using "df-rules-terms[2]"[axiom_inst, OF assms].
163
164subsection‹The Theory of Negations and Conditionals›
165text‹\label{PLM: 9.5}›
166
167AOT_theorem "if-p-then-p": φ  φ
168  by (meson "pl:1"[axiom_inst] "pl:2"[axiom_inst] MP)
169
170AOT_theorem "deduction-theorem":
171  assumes φ  ψ
172  shows φ  ψ
173  (* NOTE: semantics needed *)
174  using assms by (simp add: AOT_sem_imp)
175lemmas CP = "deduction-theorem"
176lemmas "→I" = "deduction-theorem"
177
178AOT_theorem "ded-thm-cor:1":
179  assumes Γ1  φ  ψ and Γ2  ψ  χ
180  shows Γ1, Γ2  φ  χ
181  using "→E" "→I" assms by blast
182AOT_theorem "ded-thm-cor:2":
183  assumes Γ1  φ  (ψ  χ) and Γ2  ψ
184  shows Γ1, Γ2  φ  χ
185  using "→E" "→I" assms by blast
186
187AOT_theorem "ded-thm-cor:3":
188  assumes φ  ψ and ψ  χ
189  shows φ  χ
190  using "→E" "→I" assms by blast
191declare "ded-thm-cor:3"[trans]
192AOT_theorem "ded-thm-cor:4":
193  assumes φ  (ψ  χ) and ψ
194  shows φ  χ
195  using "→E" "→I" assms by blast
196
197lemmas "Hypothetical Syllogism" = "ded-thm-cor:3"
198
199AOT_theorem "useful-tautologies:1": ¬¬φ  φ
200  by (metis "pl:3"[axiom_inst] "→I" "Hypothetical Syllogism")
201AOT_theorem "useful-tautologies:2": φ  ¬¬φ
202  by (metis "pl:3"[axiom_inst] "→I" "ded-thm-cor:4")
203AOT_theorem "useful-tautologies:3": ¬φ  (φ  ψ)
204  by (meson "ded-thm-cor:4" "pl:3"[axiom_inst] "→I")
205AOT_theorem "useful-tautologies:4": (¬ψ  ¬φ)  (φ  ψ)
206  by (meson "pl:3"[axiom_inst] "Hypothetical Syllogism" "→I")
207AOT_theorem "useful-tautologies:5": (φ  ψ)  (¬ψ  ¬φ)
208  by (metis "useful-tautologies:4" "Hypothetical Syllogism" "→I")
209
210AOT_theorem "useful-tautologies:6": (φ  ¬ψ)  (ψ  ¬φ)
211  by (metis "→I" MP "useful-tautologies:4")
212
213AOT_theorem "useful-tautologies:7": (¬φ  ψ)  (¬ψ  φ)
214  by (metis "→I" MP "useful-tautologies:3" "useful-tautologies:5")
215
216AOT_theorem "useful-tautologies:8": φ  (¬ψ  ¬(φ  ψ))
217  by (metis "→I" MP "useful-tautologies:5")
218
219AOT_theorem "useful-tautologies:9": (φ  ψ)  ((¬φ  ψ)  ψ)
220  by (metis "→I" MP "useful-tautologies:6")
221
222AOT_theorem "useful-tautologies:10": (φ  ¬ψ)  ((φ  ψ)  ¬φ)
223  by (metis "→I" MP "pl:3"[axiom_inst])
224
225AOT_theorem "dn-i-e:1":
226  assumes φ
227  shows ¬¬φ
228  using MP "useful-tautologies:2" assms by blast
229lemmas "¬¬I" = "dn-i-e:1"
230AOT_theorem "dn-i-e:2":
231  assumes ¬¬φ
232  shows φ
233  using MP "useful-tautologies:1" assms by blast
234lemmas "¬¬E" = "dn-i-e:2"
235
236AOT_theorem "modus-tollens:1":
237  assumes φ  ψ and ¬ψ
238  shows ¬φ
239  using MP "useful-tautologies:5" assms by blast
240AOT_theorem "modus-tollens:2":
241  assumes φ  ¬ψ and ψ
242  shows ¬φ
243  using "¬¬I" "modus-tollens:1" assms by blast
244lemmas MT = "modus-tollens:1" "modus-tollens:2"
245
246AOT_theorem "contraposition:1[1]":
247  assumes φ  ψ
248  shows ¬ψ  ¬φ
249  using "→I" MT(1) assms by blast
250AOT_theorem "contraposition:1[2]":
251  assumes ¬ψ  ¬φ
252  shows φ  ψ
253  using "→I" "¬¬E" MT(2) assms by blast
254
255AOT_theorem "contraposition:2":
256  assumes φ  ¬ψ
257  shows ψ  ¬φ
258  using "→I" MT(2) assms by blast
259
260(* Note: this is actually a mixture of the two variants given in PLM. *)
261AOT_theorem "reductio-aa:1":
262  assumes ¬φ  ¬ψ and ¬φ  ψ
263  shows φ
264  using "→I" "¬¬E" MT(2) assms by blast
265AOT_theorem "reductio-aa:2":
266  assumes φ  ¬ψ and φ  ψ
267  shows ¬φ
268  using "reductio-aa:1" assms by blast
269lemmas "RAA" = "reductio-aa:1" "reductio-aa:2"
270
271AOT_theorem "exc-mid": φ  ¬φ
272  using "df-rules-formulas[4]" "if-p-then-p" MP
273        "conventions:2" by blast
274
275AOT_theorem "non-contradiction": ¬(φ & ¬φ)
276  using "df-rules-formulas[3]" MT(2) "useful-tautologies:2"
277        "conventions:1" by blast
278
279AOT_theorem "con-dis-taut:1": (φ & ψ)  φ
280  by (meson "→I" "df-rules-formulas[3]" MP RAA(1) "conventions:1")
281AOT_theorem "con-dis-taut:2": (φ & ψ)  ψ
282  by (metis "→I" "df-rules-formulas[3]" MT(2) RAA(2)
283            "¬¬E" "conventions:1")
284lemmas "Conjunction Simplification" = "con-dis-taut:1" "con-dis-taut:2"
285
286AOT_theorem "con-dis-taut:3": φ  (φ  ψ)
287  by (meson "contraposition:1[2]" "df-rules-formulas[4]"
288            MP "→I" "conventions:2")
289AOT_theorem "con-dis-taut:4": ψ  (φ  ψ)
290  using "Hypothetical Syllogism" "df-rules-formulas[4]"
291        "pl:1"[axiom_inst] "conventions:2" by blast
292lemmas "Disjunction Addition" = "con-dis-taut:3" "con-dis-taut:4"
293
294AOT_theorem "con-dis-taut:5": φ  (ψ  (φ & ψ))
295  by (metis "contraposition:2" "Hypothetical Syllogism" "→I"
296            "df-rules-formulas[4]" "conventions:1")
297lemmas Adjunction = "con-dis-taut:5"
298
299AOT_theorem "con-dis-taut:6": (φ & φ)  φ
300  by (metis Adjunction "→I" "df-rules-formulas[4]" MP
301            "Conjunction Simplification"(1) "conventions:3")
302lemmas "Idempotence of &" = "con-dis-taut:6"
303
304AOT_theorem "con-dis-taut:7": (φ  φ)  φ
305proof -
306  {
307    AOT_assume φ  φ
308    AOT_hence ¬φ  φ
309      using "conventions:2"[THEN "df-rules-formulas[3]"] MP by blast
310    AOT_hence φ using "if-p-then-p" RAA(1) MP by blast
311  }
312  moreover {
313    AOT_assume φ
314    AOT_hence φ  φ using "Disjunction Addition"(1) MP by blast
315  }
316  ultimately AOT_show (φ  φ)  φ
317    using "conventions:3"[THEN "df-rules-formulas[4]"] MP
318    by (metis Adjunction "→I")
319qed
320lemmas "Idempotence of ∨" = "con-dis-taut:7"
321
322
323AOT_theorem "con-dis-i-e:1":
324  assumes φ and ψ
325  shows φ & ψ
326  using Adjunction MP assms by blast
327lemmas "&I" = "con-dis-i-e:1"
328
329AOT_theorem "con-dis-i-e:2:a":
330  assumes φ & ψ
331  shows φ
332  using "Conjunction Simplification"(1) MP assms by blast
333AOT_theorem "con-dis-i-e:2:b":
334  assumes φ & ψ
335  shows ψ
336  using "Conjunction Simplification"(2) MP assms by blast
337lemmas "&E" = "con-dis-i-e:2:a" "con-dis-i-e:2:b"
338
339AOT_theorem "con-dis-i-e:3:a":
340  assumes φ
341  shows φ  ψ
342  using "Disjunction Addition"(1) MP assms by blast
343AOT_theorem "con-dis-i-e:3:b":
344  assumes ψ
345  shows φ  ψ
346  using "Disjunction Addition"(2) MP assms by blast
347AOT_theorem "con-dis-i-e:3:c":
348  assumes φ  ψ and φ  χ and ψ  Θ
349  shows χ  Θ
350  by (metis "con-dis-i-e:3:a" "Disjunction Addition"(2)
351            "df-rules-formulas[3]" MT(1) RAA(1)
352            "conventions:2" assms)
353lemmas "∨I" = "con-dis-i-e:3:a" "con-dis-i-e:3:b" "con-dis-i-e:3:c"
354
355AOT_theorem "con-dis-i-e:4:a":
356  assumes φ  ψ and φ  χ and ψ  χ
357  shows χ
358  by (metis MP RAA(2) "df-rules-formulas[3]" "conventions:2" assms)
359AOT_theorem "con-dis-i-e:4:b":
360  assumes φ  ψ and ¬φ
361  shows ψ
362  using "con-dis-i-e:4:a" RAA(1) "→I" assms by blast
363AOT_theorem "con-dis-i-e:4:c":
364  assumes φ  ψ and ¬ψ
365  shows φ
366  using "con-dis-i-e:4:a" RAA(1) "→I" assms by blast
367lemmas "∨E" = "con-dis-i-e:4:a" "con-dis-i-e:4:b" "con-dis-i-e:4:c"
368
369AOT_theorem "raa-cor:1":
370  assumes ¬φ  ψ & ¬ψ
371  shows φ
372  using "&E" "∨E"(3) "∨I"(2) RAA(2) assms by blast
373AOT_theorem "raa-cor:2":
374  assumes φ  ψ & ¬ψ
375  shows ¬φ
376  using "raa-cor:1" assms by blast
377AOT_theorem "raa-cor:3":
378  assumes φ and ¬ψ  ¬φ
379  shows ψ
380  using RAA assms by blast
381AOT_theorem "raa-cor:4":
382  assumes ¬φ and ¬ψ  φ
383  shows ψ
384  using RAA assms by blast
385AOT_theorem "raa-cor:5":
386  assumes φ and ψ  ¬φ
387  shows ¬ψ
388  using RAA assms by blast
389AOT_theorem "raa-cor:6":
390  assumes ¬φ and ψ  φ
391  shows ¬ψ
392  using RAA assms by blast
393
394AOT_theorem "oth-class-taut:1:a": (φ  ψ)  ¬(φ & ¬ψ)
395  by (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"])
396     (metis "&E" "&I" "raa-cor:3" "→I" MP)
397AOT_theorem "oth-class-taut:1:b": ¬(φ  ψ)  (φ & ¬ψ)
398  by (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"])
399     (metis "&E" "&I" "raa-cor:3" "→I" MP)
400AOT_theorem "oth-class-taut:1:c": (φ  ψ)  (¬φ  ψ)
401  by (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"])
402     (metis "&I" "∨I"(1, 2) "∨E"(3) "→I" MP "raa-cor:1")
403
404AOT_theorem "oth-class-taut:2:a": (φ & ψ)  (ψ & φ)
405  by (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"])
406     (meson "&I" "&E" "→I")
407lemmas "Commutativity of &" = "oth-class-taut:2:a"
408AOT_theorem "oth-class-taut:2:b": (φ & (ψ & χ))  ((φ & ψ) & χ)
409  by (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"])
410     (metis "&I" "&E" "→I")
411lemmas "Associativity of &" = "oth-class-taut:2:b"
412AOT_theorem "oth-class-taut:2:c": (φ  ψ)  (ψ  φ)
413  by (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"])
414     (metis "&I" "∨I"(1, 2) "∨E"(1) "→I")
415lemmas "Commutativity of ∨" = "oth-class-taut:2:c"
416AOT_theorem "oth-class-taut:2:d": (φ  (ψ  χ))  ((φ  ψ)  χ)
417  by (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"])
418     (metis "&I" "∨I"(1, 2) "∨E"(1) "→I")
419lemmas "Associativity of ∨" = "oth-class-taut:2:d"
420AOT_theorem "oth-class-taut:2:e": (φ  ψ)  (ψ  φ)
421  by (rule "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"]; rule "&I";
422      metis "&I" "df-rules-formulas[4]" "conventions:3" "&E"
423            "Hypothetical Syllogism" "→I" "df-rules-formulas[3]")
424lemmas "Commutativity of ≡" = "oth-class-taut:2:e"
425AOT_theorem "oth-class-taut:2:f": (φ  (ψ  χ))  ((φ  ψ)  χ)
426  using "conventions:3"[THEN "df-rules-formulas[4]"]
427        "conventions:3"[THEN "df-rules-formulas[3]"]
428        "→I" "→E" "&E" "&I"
429  by metis
430lemmas "Associativity of ≡" = "oth-class-taut:2:f"
431
432AOT_theorem "oth-class-taut:3:a": φ  φ
433  using "&I" "vdash-properties:6" "if-p-then-p"
434        "df-rules-formulas[4]" "conventions:3" by blast
435AOT_theorem "oth-class-taut:3:b": φ  ¬¬φ
436  using "&I" "useful-tautologies:1" "useful-tautologies:2" "→E"
437        "df-rules-formulas[4]" "conventions:3" by blast
438AOT_theorem "oth-class-taut:3:c": ¬(φ  ¬φ)
439  by (metis "&E" "→E" RAA "df-rules-formulas[3]" "conventions:3")
440
441AOT_theorem "oth-class-taut:4:a": (φ  ψ)  ((ψ  χ)  (φ  χ))
442  by (metis "→E" "→I")
443AOT_theorem "oth-class-taut:4:b": (φ  ψ)  (¬φ  ¬ψ)
444  using "conventions:3"[THEN "df-rules-formulas[4]"]
445        "conventions:3"[THEN "df-rules-formulas[3]"]
446        "→I" "→E" "&E" "&I" RAA by metis
447AOT_theorem "oth-class-taut:4:c": (φ  ψ)  ((φ  χ)  (ψ  χ))
448  using "conventions:3"[THEN "df-rules-formulas[4]"]
449        "conventions:3"[THEN "df-rules-formulas[3]"]
450        "→I" "→E" "&E" "&I" by metis
451AOT_theorem "oth-class-taut:4:d": (φ  ψ)  ((χ  φ)  (χ  ψ))
452  using "conventions:3"[THEN "df-rules-formulas[4]"]
453        "conventions:3"[THEN "df-rules-formulas[3]"]
454        "→I" "→E" "&E" "&I" by metis
455AOT_theorem "oth-class-taut:4:e": (φ  ψ)  ((φ & χ)  (ψ & χ))
456  using "conventions:3"[THEN "df-rules-formulas[4]"]
457        "conventions:3"[THEN "df-rules-formulas[3]"]
458        "→I" "→E" "&E" "&I" by metis
459AOT_theorem "oth-class-taut:4:f": (φ  ψ)  ((χ & φ)  (χ & ψ))
460  using "conventions:3"[THEN "df-rules-formulas[4]"]
461        "conventions:3"[THEN "df-rules-formulas[3]"]
462        "→I" "→E" "&E" "&I" by metis
463AOT_theorem "oth-class-taut:4:g": (φ  ψ)  ((φ & ψ)  (¬φ & ¬ψ))
464proof(safe intro!: "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"]
465                   "&I" "→I"
466           dest!: "conventions:3"[THEN "df-rules-formulas[3]", THEN "→E"])
467  AOT_show φ & ψ  (¬φ & ¬ψ) if (φ  ψ) & (ψ  φ)
468    using "&E" "∨I" "→E" "&I" "raa-cor:1" "→I" "∨E" that by metis
469next
470  AOT_show ψ if φ & ψ  (¬φ & ¬ψ) and φ
471    using that "∨E" "&E" "raa-cor:3" by blast
472next
473  AOT_show φ if φ & ψ  (¬φ & ¬ψ) and ψ
474    using that "∨E" "&E" "raa-cor:3" by blast
475qed
476AOT_theorem "oth-class-taut:4:h": ¬(φ  ψ)  ((φ & ¬ψ)  (¬φ & ψ))
477proof (safe intro!: "conventions:3"[THEN "df-rules-formulas[4]", THEN "→E"]
478                    "&I" "→I")
479  AOT_show φ & ¬ψ  (¬φ & ψ) if ¬(φ  ψ)
480    by (metis that "&I" "∨I"(1, 2) "→I" MT(1) "df-rules-formulas[4]"
481              "raa-cor:3" "conventions:3")
482next
483  AOT_show ¬(φ  ψ) if φ & ¬ψ  (¬φ & ψ)
484    by (metis that "&E" "∨E"(2) "→E" "df-rules-formulas[3]"
485              "raa-cor:3" "conventions:3")
486qed
487AOT_theorem "oth-class-taut:5:a": (φ & ψ)  ¬(¬φ  ¬ψ)
488  using "conventions:3"[THEN "df-rules-formulas[4]"]
489        "→I" "→E" "&E" "&I" "∨I" "∨E" RAA by metis
490AOT_theorem "oth-class-taut:5:b": (φ  ψ)  ¬(¬φ & ¬ψ)
491  using "conventions:3"[THEN "df-rules-formulas[4]"]
492        "→I" "→E" "&E" "&I" "∨I" "∨E" RAA by metis
493AOT_theorem "oth-class-taut:5:c": ¬(φ & ψ)  (¬φ  ¬ψ)
494  using "conventions:3"[THEN "df-rules-formulas[4]"]
495        "→I" "→E" "&E" "&I" "∨I" "∨E" RAA by metis
496AOT_theorem "oth-class-taut:5:d": ¬(φ  ψ)  (¬φ & ¬ψ)
497  using "conventions:3"[THEN "df-rules-formulas[4]"]
498        "→I" "→E" "&E" "&I" "∨I" "∨E" RAA by metis
499
500lemmas DeMorgan = "oth-class-taut:5:c" "oth-class-taut:5:d"
501
502AOT_theorem "oth-class-taut:6:a":
503  (φ & (ψ  χ))  ((φ & ψ)  (φ & χ))
504  using "conventions:3"[THEN "df-rules-formulas[4]"]
505        "→I" "→E" "&E" "&I" "∨I" "∨E" RAA by metis
506AOT_theorem "oth-class-taut:6:b":
507  (φ  (ψ & χ))  ((φ  ψ) & (φ  χ))
508  using "conventions:3"[THEN "df-rules-formulas[4]"]
509        "→I" "→E" "&E" "&I" "∨I" "∨E" RAA by metis
510
511AOT_theorem "oth-class-taut:7:a": ((φ & ψ)  χ)  (φ  (ψ  χ))
512  by (metis "&I" "→E" "→I")
513lemmas Exportation = "oth-class-taut:7:a"
514AOT_theorem "oth-class-taut:7:b": (φ  (ψ χ))  ((φ & ψ)  χ)
515  by (metis "&E" "→E" "→I")
516lemmas Importation = "oth-class-taut:7:b"
517
518AOT_theorem "oth-class-taut:8:a":
519  (φ  (ψ  χ))  (ψ  (φ  χ))
520  using "conventions:3"[THEN "df-rules-formulas[4]"] "→I" "→E" "&E" "&I"
521  by metis
522lemmas Permutation = "oth-class-taut:8:a"
523AOT_theorem "oth-class-taut:8:b":
524  (φ  ψ)  ((φ  χ)  (φ  (ψ & χ)))
525  by (metis "&I" "→E" "→I")
526lemmas Composition = "oth-class-taut:8:b"
527AOT_theorem "oth-class-taut:8:c":
528  (φ  χ)  ((ψ  χ)  ((φ  ψ)  χ))
529  by (metis "∨E"(2) "→E" "→I" RAA(1))
530AOT_theorem "oth-class-taut:8:d":
531  ((φ  ψ) & (χ  Θ))  ((φ & χ)  (ψ & Θ))
532  by (metis "&E" "&I" "→E" "→I")
533lemmas "Double Composition" = "oth-class-taut:8:d"
534AOT_theorem "oth-class-taut:8:e":
535  ((φ & ψ)  (φ & χ))  (φ  (ψ  χ))
536  by (metis "conventions:3"[THEN "df-rules-formulas[4]"]
537            "conventions:3"[THEN "df-rules-formulas[3]"]
538            "→I" "→E" "&E" "&I")
539AOT_theorem "oth-class-taut:8:f":
540  ((φ & ψ)  (χ & ψ))  (ψ  (φ  χ))
541  by (metis "conventions:3"[THEN "df-rules-formulas[4]"]
542            "conventions:3"[THEN "df-rules-formulas[3]"]
543            "→I" "→E" "&E" "&I")
544AOT_theorem "oth-class-taut:8:g":
545  (ψ  χ)  ((φ  ψ)  (φ  χ))
546  by (metis "conventions:3"[THEN "df-rules-formulas[4]"]
547            "conventions:3"[THEN "df-rules-formulas[3]"]
548            "→I" "→E" "&E" "&I" "∨I" "∨E"(1))
549AOT_theorem "oth-class-taut:8:h":
550  (ψ  χ)  ((ψ  φ)  (χ  φ))
551  by (metis "conventions:3"[THEN "df-rules-formulas[4]"]
552            "conventions:3"[THEN "df-rules-formulas[3]"]
553            "→I" "→E" "&E" "&I" "∨I" "∨E"(1))
554AOT_theorem "oth-class-taut:8:i":
555  (φ  (ψ & χ))  (ψ  (φ  χ))
556  by (metis "conventions:3"[THEN "df-rules-formulas[4]"]
557            "conventions:3"[THEN "df-rules-formulas[3]"]
558            "→I" "→E" "&E" "&I")
559
560AOT_theorem "intro-elim:1":
561  assumes φ  ψ and φ  χ and ψ  Θ
562  shows χ  Θ
563  by (metis assms "∨I"(1, 2) "∨E"(1) "→I" "→E" "&E"(1)
564            "conventions:3"[THEN "df-rules-formulas[3]"])
565
566AOT_theorem "intro-elim:2":
567  assumes φ  ψ and ψ  φ
568  shows φ  ψ
569  by (meson "&I" "conventions:3" "df-rules-formulas[4]" MP assms)
570lemmas "≡I" = "intro-elim:2"
571
572AOT_theorem "intro-elim:3:a":
573  assumes φ  ψ and φ
574  shows ψ
575  by (metis "∨I"(1) "→I" "∨E"(1) "intro-elim:1" assms)
576AOT_theorem "intro-elim:3:b":
577  assumes φ  ψ and ψ
578  shows φ
579  using "intro-elim:3:a" "Commutativity of ≡" assms by blast
580AOT_theorem "intro-elim:3:c":
581  assumes φ  ψ and ¬φ
582  shows ¬ψ
583  using "intro-elim:3:b" "raa-cor:3" assms by blast
584AOT_theorem "intro-elim:3:d":
585  assumes φ  ψ and ¬ψ
586  shows ¬φ
587  using "intro-elim:3:a" "raa-cor:3" assms by blast
588AOT_theorem "intro-elim:3:e":
589  assumes φ  ψ and ψ  χ
590  shows φ  χ
591  by (metis "≡I" "→I" "intro-elim:3:a" "intro-elim:3:b" assms)
592declare "intro-elim:3:e"[trans]
593AOT_theorem "intro-elim:3:f":
594  assumes φ  ψ and φ  χ
595  shows χ  ψ
596  by (metis "≡I" "→I" "intro-elim:3:a" "intro-elim:3:b" assms)
597lemmas "≡E" = "intro-elim:3:a" "intro-elim:3:b" "intro-elim:3:c"
598              "intro-elim:3:d" "intro-elim:3:e" "intro-elim:3:f"
599
600declare "Commutativity of ≡"[THEN "≡E"(1), sym]
601
602AOT_theorem "rule-eq-df:1":
603  assumes φ df ψ
604  shows φ  ψ
605  by (simp add: "≡I" "df-rules-formulas[3]" "df-rules-formulas[4]" assms)
606lemmas "≡Df" = "rule-eq-df:1"
607AOT_theorem "rule-eq-df:2":
608  assumes φ df ψ and φ
609  shows ψ
610  using "≡Df" "≡E"(1) assms by blast
611lemmas "≡dfE" = "rule-eq-df:2"
612AOT_theorem "rule-eq-df:3":
613  assumes φ df ψ and ψ
614  shows φ
615  using "≡Df" "≡E"(2) assms by blast
616lemmas "≡dfI" = "rule-eq-df:3"
617
618AOT_theorem  "df-simplify:1":
619  assumes φ  (ψ & χ) and ψ
620  shows φ  χ
621  by (metis "&E"(2) "&I" "≡E"(1, 2) "≡I" "→I" assms)
622(* Note: this is a slight variation from PLM *)
623AOT_theorem  "df-simplify:2":
624  assumes φ  (ψ & χ) and χ
625  shows φ  ψ
626  by (metis "&E"(1) "&I" "≡E"(1, 2) "≡I" "→I" assms)
627lemmas "≡S" = "df-simplify:1"  "df-simplify:2"
628
629subsection‹The Theory of Quantification›
630text‹\label{PLM: 9.6}›
631
632AOT_theorem "rule-ui:1":
633  assumes α φ{α} and τ
634  shows φ{τ}
635  using "→E" "cqt:1"[axiom_inst] assms by blast
636AOT_theorem "rule-ui:2[const_var]":
637  assumes α φ{α}
638  shows φ{β}
639  by (simp add: "rule-ui:1" "cqt:2[const_var]"[axiom_inst] assms)
640AOT_theorem "rule-ui:2[lambda]":
641  assumes F φ{F} and INSTANCE_OF_CQT_2(ψ)
642  shows φ{ν1...νn ψ{ν1...νn}]}
643  by (simp add: "rule-ui:1" "cqt:2[lambda]"[axiom_inst] assms)
644AOT_theorem "rule-ui:3":
645  assumes α φ{α}
646  shows φ{α}
647  by (simp add: "rule-ui:2[const_var]" assms)
648lemmas "∀E" = "rule-ui:1" "rule-ui:2[const_var]"
649              "rule-ui:2[lambda]" "rule-ui:3"
650
651AOT_theorem "cqt-orig:1[const_var]": α φ{α}  φ{β}
652  by (simp add: "∀E"(2) "→I")
653AOT_theorem "cqt-orig:1[lambda]":
654  assumes INSTANCE_OF_CQT_2(ψ)
655  shows F φ{F}  φ{ν1...νn ψ{ν1...νn}]}
656  by (simp add: "∀E"(3) "→I" assms)
657AOT_theorem "cqt-orig:2": α (φ  ψ{α})  (φ  α ψ{α})
658  by (metis "→I" GEN "vdash-properties:6" "∀E"(4))
659AOT_theorem "cqt-orig:3": α φ{α}  φ{α}
660  using "cqt-orig:1[const_var]".
661
662AOT_theorem universal:
663  assumes for arbitrary β: φ{β}
664  shows α φ{α}
665  using GEN assms .
666lemmas "∀I" = universal
667
668(* Generalized mechanism for "∀I" followed by ∀E *)
669ML670fun get_instantiated_allI ctxt varname thm = let
671val trm = Thm.concl_of thm
672val trm =
673  case trm of (@{const Trueprop} $ (@{const AOT_model_valid_in} $ _ $ x)) => x
674  | _ => raise Term.TERM ("Expected simple theorem.", [trm])
675fun extractVars (Const (const_name‹AOT_term_of_var›, _) $ Var v) =
676    (* TODO: better handling of indices *)
677    (if fst (fst v) = fst varname then [Var v] else [])
678  | extractVars (t1 $ t2) = extractVars t1 @ extractVars t2
679  | extractVars (Abs (_, _, t)) = extractVars t
680  | extractVars _ = []
681val vars = extractVars trm
682val vars = fold Term.add_vars vars []
683val var = hd vars
684val trmty =
685  case (snd var) of (Type (type_name‹AOT_var›, [t])) => (t)
686  | _ => raise Term.TYPE ("Expected variable type.", [snd var], [Var var])
687val trm = Abs (Term.string_of_vname (fst var), trmty, Term.abstract_over (
688      Const (const_name‹AOT_term_of_var›, Type ("fun", [snd var, trmty]))
689       $ Var var, trm))
690val trm = Thm.cterm_of (Context.proof_of ctxt) trm
691val ty = hd (Term.add_tvars (Thm.prop_of @{thm "∀I"}) [])
692val typ = Thm.ctyp_of (Context.proof_of ctxt) trmty
693fun TVars_make x = x (* Next Isabelle release: = TVars.make x *)
694val TVars_empty = [] (* Next Isabelle release: = TVars.empty *)
695fun Vars_make x = x (* Next Isabelle release: = Vars.make x *)
696val Vars_empty = [] (* Next Isabelle release: = Vars.empty *)
697val allthm = Drule.instantiate_normalize (TVars_make [(ty, typ)],Vars_empty) @{thm "∀I"}
698val phi = hd (Term.add_vars (Thm.prop_of allthm) [])
699val allthm = Drule.instantiate_normalize (TVars_empty, Vars_make [(phi,trm)]) allthm
700in
701allthm
702end
703
704
705attribute_setup "∀I" =
706  ‹Scan.lift (Scan.repeat1 Args.var) >> (fn args => Thm.rule_attribute []
707  (fn ctxt => fn thm => fold (fn arg => fn thm =>
708    thm RS get_instantiated_allI ctxt arg thm) args thm))
709  "Quantify over a variable in a theorem using GEN."
710
711attribute_setup "unvarify" =
712  ‹Scan.lift (Scan.repeat1 Args.var) >> (fn args => Thm.rule_attribute []
713  (fn ctxt => fn thm =>
714    let
715      fun get_inst_allI arg thm = thm RS get_instantiated_allI ctxt arg thm
716      val thm = fold get_inst_allI args thm
717      val thm = fold (K (fn thm => thm RS @{thm "∀E"(1)})) args thm
718    in
719     thm
720    end))
721  "Generalize a statement about variables to a statement about denoting terms."
722
723(* Note: rereplace-lem does not apply to the embedding *)
724
725AOT_theorem "cqt-basic:1": αβ φ{α,β}  βα φ{α,β}
726  by (metis "≡I" "∀E"(2) "∀I" "→I")
727
728AOT_theorem "cqt-basic:2":
729  α(φ{α}  ψ{α})  (α(φ{α}  ψ{α}) & α(ψ{α}  φ{α}))
730proof (rule "≡I"; rule "→I")
731  AOT_assume α(φ{α}  ψ{α})
732  AOT_hence φ{α}  ψ{α} for α using "∀E"(2) by blast
733  AOT_hence φ{α}  ψ{α} and ψ{α}  φ{α} for α
734    using "≡E"(1,2) "→I" by blast+
735  AOT_thus α(φ{α}  ψ{α}) & α(ψ{α}  φ{α})
736    by (auto intro: "&I" "∀I")
737next
738  AOT_assume α(φ{α}  ψ{α}) & α(ψ{α}  φ{α})
739  AOT_hence φ{α}  ψ{α} and ψ{α}  φ{α} for α
740    using "∀E"(2) "&E" by blast+
741  AOT_hence φ{α}  ψ{α} for α
742    using "≡I" by blast
743  AOT_thus α(φ{α}  ψ{α}) by (auto intro: "∀I")
744qed
745
746AOT_theorem "cqt-basic:3": α(φ{α}  ψ{α})  (α φ{α}  α ψ{α})
747proof(rule "→I")
748  AOT_assume α(φ{α}  ψ{α})
749  AOT_hence 1: φ{α}  ψ{α} for α using "∀E"(2) by blast
750  {
751    AOT_assume α φ{α}
752    AOT_hence α ψ{α} using 1 "∀I" "∀E"(4) "≡E" by metis
753  }
754  moreover {
755    AOT_assume α ψ{α}
756    AOT_hence α φ{α} using 1 "∀I" "∀E"(4) "≡E" by metis
757  }
758  ultimately AOT_show α φ{α}  α ψ{α}
759    using "≡I" "→I" by auto
760qed
761
762AOT_theorem "cqt-basic:4": α(φ{α} & ψ{α})  (α φ{α} & α ψ{α})
763proof(rule "→I")
764  AOT_assume 0: α(φ{α} & ψ{α})
765  AOT_have φ{α} and ψ{α} for α using "∀E"(2) 0 "&E" by blast+
766  AOT_thus α φ{α} & α ψ{α}
767    by (auto intro: "∀I" "&I")
768qed
769
770AOT_theorem "cqt-basic:5": (α1...∀αn(φ{α1...αn}))  φ{α1...αn}
771  using "cqt-orig:3" by blast
772
773AOT_theorem "cqt-basic:6": αα φ{α}  α φ{α}
774  by (meson "≡I" "→I" GEN "cqt-orig:1[const_var]")
775
776AOT_theorem "cqt-basic:7": (φ  α ψ{α})  α(φ  ψ{α})
777  by (metis "→I" "vdash-properties:6" "rule-ui:3" "≡I" GEN)
778
779AOT_theorem "cqt-basic:8": (α φ{α}  α ψ{α})  α (φ{α}  ψ{α})
780  by (simp add: "∨I"(3) "→I" GEN "cqt-orig:1[const_var]")
781
782AOT_theorem "cqt-basic:9":
783  (α (φ{α}  ψ{α}) & α (ψ{α}  χ{α}))  α(φ{α}  χ{α})
784proof -
785  {
786    AOT_assume α (φ{α}  ψ{α})
787    moreover AOT_assume α (ψ{α}  χ{α})
788    ultimately AOT_have φ{α}  ψ{α} and ψ{α}  χ{α} for α
789      using "∀E" by blast+
790    AOT_hence φ{α}  χ{α} for α by (metis "→E" "→I")
791    AOT_hence α(φ{α}  χ{α}) using "∀I" by fast
792  }
793  thus ?thesis using "&I" "→I" "&E" by meson
794qed
795
796AOT_theorem "cqt-basic:10":
797  (α(φ{α}  ψ{α}) & α(ψ{α}  χ{α}))  α (φ{α}  χ{α})
798proof(rule "→I"; rule "∀I")
799  fix β
800  AOT_assume α(φ{α}  ψ{α}) & α(ψ{α}  χ{α})
801  AOT_hence φ{β}  ψ{β} and ψ{β}  χ{β} using "&E" "∀E" by blast+
802  AOT_thus φ{β}  χ{β} using "≡I" "≡E" by blast
803qed
804
805AOT_theorem "cqt-basic:11": α(φ{α}  ψ{α})  α (ψ{α}  φ{α})
806proof (rule "≡I"; rule "→I")
807  AOT_assume 0: α(φ{α}  ψ{α})
808  {
809    fix α
810    AOT_have φ{α}  ψ{α} using 0 "∀E" by blast
811    AOT_hence ψ{α}  φ{α} using "≡I" "≡E" "→I" "→E" by metis
812  }
813  AOT_thus α(ψ{α}  φ{α}) using "∀I" by fast
814next
815  AOT_assume 0: α(ψ{α}  φ{α})
816  {
817    fix α
818    AOT_have ψ{α}  φ{α} using 0 "∀E" by blast
819    AOT_hence φ{α}  ψ{α} using "≡I" "≡E" "→I" "→E" by metis
820  }
821  AOT_thus α(φ{α}  ψ{α}) using "∀I" by fast
822qed
823
824AOT_theorem "cqt-basic:12": α φ{α}  α (ψ{α}  φ{α})
825  by (simp add: "∀E"(2) "→I" GEN)
826
827AOT_theorem "cqt-basic:13": α φ{α}  β φ{β}
828  using "≡I" "→I" by blast
829
830AOT_theorem "cqt-basic:14":
831  (α1...∀αn (φ{α1...αn}  ψ{α1...αn})) 
832   ((α1...∀αn φ{α1...αn})  (α1...∀αn ψ{α1...αn}))
833  using "cqt:3"[axiom_inst] by auto
834
835AOT_theorem "cqt-basic:15":
836  (α1...∀αn (φ  ψ{α1...αn}))  (φ  (α1...∀αn ψ{α1...αn}))
837  using "cqt-orig:2" by auto
838
839AOT_theorem "universal-cor":
840  assumes for arbitrary β: φ{β}
841  shows α φ{α}
842  using GEN assms .
843
844AOT_theorem "existential:1":
845  assumes φ{τ} and τ
846  shows α φ{α}
847proof(rule "raa-cor:1")
848  AOT_assume ¬α φ{α}
849  AOT_hence α ¬φ{α}
850    using "≡dfI" "conventions:4" RAA "&I" by blast
851  AOT_hence ¬φ{τ} using assms(2) "∀E"(1) "→E" by blast
852  AOT_thus φ{τ} & ¬φ{τ} using assms(1) "&I" by blast
853qed
854
855AOT_theorem "existential:2[const_var]":
856  assumes φ{β}
857  shows α φ{α}
858  using "existential:1" "cqt:2[const_var]"[axiom_inst] assms by blast
859
860AOT_theorem "existential:2[lambda]":
861  assumes φ{ν1...νn ψ{ν1...νn}]} and INSTANCE_OF_CQT_2(ψ)
862  shows α φ{α}
863  using "existential:1" "cqt:2[lambda]"[axiom_inst] assms by blast
864lemmas "∃I" = "existential:1" "existential:2[const_var]"
865              "existential:2[lambda]" 
866
867AOT_theorem "instantiation":
868  assumes for arbitrary β: φ{β}  ψ and α φ{α}
869  shows ψ
870  by (metis (no_types, lifting) "≡dfE" GEN "raa-cor:3" "conventions:4" assms)
871lemmas "∃E" = "instantiation"
872
873AOT_theorem "cqt-further:1": α φ{α}  α φ{α}
874  using "∀E"(4) "∃I"(2) "→I" by metis
875
876AOT_theorem "cqt-further:2": ¬α φ{α}  α ¬φ{α}
877  using "∀I" "∃I"(2) "→I" RAA by metis
878
879AOT_theorem "cqt-further:3": α φ{α}  ¬α ¬φ{α}
880  using "∀E"(4) "∃E" "→I" RAA
881  by (metis "cqt-further:2" "≡I" "modus-tollens:1")
882
883AOT_theorem "cqt-further:4": ¬α φ{α}  α ¬φ{α}
884  using "∀I" "∃I"(2)"→I" RAA by metis
885
886AOT_theorem "cqt-further:5": α (φ{α} & ψ{α})  (α φ{α} & α ψ{α})
887  by (metis (no_types, lifting) "&E" "&I" "∃E" "∃I"(2) "→I")
888
889AOT_theorem "cqt-further:6": α (φ{α}  ψ{α})  (α φ{α}  α ψ{α})
890  by (metis (mono_tags, lifting) "∃E" "∃I"(2) "∨E"(3) "∨I"(1, 2) "→I" RAA(2))
891
892(* NOTE: vacuous in the embedding *)
893AOT_theorem "cqt-further:7": α φ{α}  β φ{β}
894  by (simp add: "oth-class-taut:3:a")
895
896AOT_theorem "cqt-further:8":
897  (α φ{α} & α ψ{α})  α (φ{α}  ψ{α})
898  by (metis (mono_tags, lifting) "&E" "≡I" "∀E"(2) "→I" GEN)
899
900AOT_theorem "cqt-further:9":
901  (¬α φ{α} & ¬α ψ{α})  α (φ{α}  ψ{α})
902  by (metis (mono_tags, lifting) "&E" "≡I" "∃I"(2) "→I" GEN "raa-cor:4")
903
904AOT_theorem "cqt-further:10":
905  (α φ{α} & ¬α ψ{α})  ¬α (φ{α}  ψ{α})
906proof(rule "→I"; rule "raa-cor:2")
907  AOT_assume 0: α φ{α} & ¬α ψ{α}
908  then AOT_obtain α where φ{α} using "∃E" "&E"(1) by metis
909  moreover AOT_assume α (φ{α}  ψ{α})
910  ultimately AOT_have ψ{α} using "∀E"(4) "≡E"(1) by blast
911  AOT_hence α ψ{α} using "∃I" by blast
912  AOT_thus α ψ{α} & ¬α ψ{α} using 0 "&E"(2) "&I" by blast
913qed
914
915AOT_theorem "cqt-further:11": αβ φ{α,β}  βα φ{α,β}
916  using "≡I" "→I" "∃I"(2) "∃E" by metis
917
918subsection‹Logical Existence, Identity, and Truth›
919text‹\label{PLM: 9.7}›
920
921AOT_theorem "log-prop-prop:1":  φ]
922  using "cqt:2[lambda0]"[axiom_inst] by auto
923
924AOT_theorem "log-prop-prop:2": φ
925  by (rule "≡dfI"[OF "existence:3"]) "cqt:2[lambda]"
926
927AOT_theorem "exist-nec": τ  τ
928proof -
929  AOT_have β β
930    by (simp add: GEN RN "cqt:2[const_var]"[axiom_inst])
931  AOT_thus τ  τ
932    using "cqt:1"[axiom_inst] "→E" by blast
933qed
934
935(* TODO: replace this mechanism by a "proof by types" command *)
936class AOT_Term_id = AOT_Term +
937  assumes "t=t-proper:1"[AOT]: [v  τ = τ'  τ]
938      and "t=t-proper:2"[AOT]: [v  τ = τ'  τ']
939
940instance κ :: AOT_Term_id
941proof
942  AOT_modally_strict {
943    AOT_show κ = κ'  κ for κ κ'
944    proof(rule "→I")
945      AOT_assume κ = κ'
946      AOT_hence O!κ  A!κ
947        by (rule "∨I"(3)[OF "≡dfE"[OF "identity:1"]])
948           (meson "→I" "∨I"(1) "&E"(1))+
949      AOT_thus κ
950        by (rule "∨E"(1))
951           (metis "cqt:5:a"[axiom_inst] "→I" "→E" "&E"(2))+
952    qed
953  }
954next
955  AOT_modally_strict {
956    AOT_show κ = κ'  κ' for κ κ'
957    proof(rule "→I")
958      AOT_assume κ = κ'
959      AOT_hence O!κ'  A!κ'
960        by (rule "∨I"(3)[OF "≡dfE"[OF "identity:1"]])
961           (meson "→I" "∨I" "&E")+
962      AOT_thus κ'
963        by (rule "∨E"(1))
964           (metis "cqt:5:a"[axiom_inst] "→I" "→E" "&E"(2))+
965    qed
966  }
967qed
968
969instance rel :: (AOT_κs) AOT_Term_id
970proof
971  AOT_modally_strict {
972    AOT_show Π = Π'  Π for Π Π' :: <'a>
973    proof(rule "→I")
974      AOT_assume Π = Π'
975      AOT_thus Π using "≡dfE"[OF "identity:3"[of Π Π']] "&E" by blast
976    qed
977  }
978next
979  AOT_modally_strict {
980    AOT_show Π = Π'  Π' for Π Π' :: <'a>
981    proof(rule "→I")
982      AOT_assume Π = Π'
983      AOT_thus Π' using "≡dfE"[OF "identity:3"[of Π Π']] "&E" by blast
984    qed
985  }
986qed
987
988instance 𝗈 :: AOT_Term_id
989proof
990  AOT_modally_strict {
991    fix φ ψ
992    AOT_show φ = ψ  φ
993    proof(rule "→I")
994      AOT_assume φ = ψ
995      AOT_thus φ using "≡dfE"[OF "identity:4"[of φ ψ]] "&E" by blast
996    qed
997  }
998next
999  AOT_modally_strict {
1000    fix φ ψ
1001    AOT_show φ = ψ  ψ
1002    proof(rule "→I")
1003      AOT_assume φ = ψ
1004      AOT_thus ψ using "≡dfE"[OF "identity:4"[of φ ψ]] "&E" by blast
1005    qed
1006  }
1007qed
1008
1009instance prod :: (AOT_Term_id, AOT_Term_id) AOT_Term_id
1010proof
1011  AOT_modally_strict {
1012    fix τ τ' :: 'a×'b
1013    AOT_show τ = τ'  τ
1014    proof (induct τ; induct τ'; rule "→I")
1015      fix τ1 τ1' :: 'a and τ2  τ2' :: 'b
1016      AOT_assume «(τ1, τ2)» = «(τ1', τ2')»
1017      AOT_hence (τ1 = τ1') & (τ2 = τ2') by (metis "≡dfE" tuple_identity_1)
1018      AOT_hence τ1 and τ2
1019        using "t=t-proper:1" "&E" "vdash-properties:10" by blast+
1020      AOT_thus «(τ1, τ2)» by (metis "≡dfI" "&I" tuple_denotes)
1021    qed
1022  }
1023next
1024  AOT_modally_strict {
1025    fix τ τ' :: 'a×'b
1026    AOT_show τ = τ'  τ'
1027    proof (induct τ; induct τ'; rule "→I")
1028      fix τ1 τ1' :: 'a and τ2  τ2' :: 'b
1029      AOT_assume «(τ1, τ2)» = «(τ1', τ2')»
1030      AOT_hence (τ1 = τ1') & (τ2 = τ2') by (metis "≡dfE" tuple_identity_1)
1031      AOT_hence τ1' and τ2'
1032        using "t=t-proper:2" "&E" "vdash-properties:10" by blast+
1033      AOT_thus «(τ1', τ2')» by (metis "≡dfI" "&I" tuple_denotes)
1034    qed
1035  }
1036qed
1037
1038(* This is the end of the "proof by types" and
1039   makes the results available on new theorems *)
1040AOT_register_type_constraints
1041  Term: _::AOT_Term_id› _::AOT_Term_id›
1042AOT_register_type_constraints
1043  Individual: ‹κ› _::{AOT_κs, AOT_Term_id}
1044AOT_register_type_constraints
1045  Relation: <_::{AOT_κs, AOT_Term_id}>
1046
1047AOT_theorem "id-rel-nec-equiv:1":
1048  Π = Π'  x1...∀xn ([Π]x1...xn  [Π']x1...xn)
1049proof(rule "→I")
1050  AOT_assume assumption: Π = Π'
1051  AOT_hence Π and Π'
1052    using "t=t-proper:1" "t=t-proper:2" MP by blast+
1053  moreover AOT_have FG (F = G  ((x1...∀xn ([F]x1...xn  [F]x1...xn)) 
1054                                     x1...∀xn ([F]x1...xn  [G]x1...xn)))
1055    apply (rule GEN)+ using "l-identity"[axiom_inst] by force
1056  ultimately AOT_have Π = Π'  ((x1...∀xn ([Π]x1...xn  [Π]x1...xn)) 
1057                                   x1...∀xn ([Π]x1...xn  [Π']x1...xn))
1058    using "∀E"(1) by blast
1059  AOT_hence (x1...∀xn ([Π]x1...xn  [Π]x1...xn)) 
1060             x1...∀xn ([Π]x1...xn  [Π']x1...xn)
1061    using assumption "→E" by blast
1062  moreover AOT_have x1...∀xn ([Π]x1...xn  [Π]x1...xn)
1063    by (simp add: RN "oth-class-taut:3:a" "universal-cor")
1064  ultimately AOT_show x1...∀xn ([Π]x1...xn  [Π']x1...xn)
1065    using "→E" by blast
1066qed
1067
1068AOT_theorem "id-rel-nec-equiv:2": φ = ψ  (φ  ψ)
1069proof(rule "→I")
1070  AOT_assume assumption: φ = ψ
1071  AOT_hence φ and ψ
1072    using "t=t-proper:1" "t=t-proper:2" MP by blast+
1073  moreover AOT_have pq (p = q  (((p  p)  (p  q))))
1074    apply (rule GEN)+ using "l-identity"[axiom_inst] by force
1075  ultimately AOT_have φ = ψ  ((φ  φ)  (φ  ψ))
1076    using "∀E"(1) by blast
1077  AOT_hence (φ  φ)  (φ  ψ)
1078    using assumption "→E" by blast
1079  moreover AOT_have (φ  φ)
1080    by (simp add: RN "oth-class-taut:3:a" "universal-cor")
1081  ultimately AOT_show (φ  ψ)
1082    using "→E" by blast
1083qed
1084
1085AOT_theorem "rule=E":
1086  assumes φ{τ} and τ = σ
1087  shows φ{σ}
1088proof -
1089  AOT_have τ and σ
1090    using assms(2) "t=t-proper:1" "t=t-proper:2" "→E" by blast+
1091  moreover AOT_have αβ(α = β  (φ{α}  φ{β}))
1092    apply (rule GEN)+ using "l-identity"[axiom_inst] by blast
1093  ultimately AOT_have τ = σ  (φ{τ}  φ{σ})
1094    using "∀E"(1) by blast
1095  AOT_thus φ{σ} using assms "→E" by blast
1096qed
1097
1098AOT_theorem "propositions-lemma:1":  φ] = φ
1099proof -
1100  AOT_have φ by (simp add: "log-prop-prop:2")
1101  moreover AOT_have p  p] = p
1102    using "lambda-predicates:3[zero]"[axiom_inst] "∀I" by fast
1103  ultimately AOT_show  φ] = φ
1104    using "∀E" by blast
1105qed
1106
1107AOT_theorem "propositions-lemma:2":  φ]  φ
1108proof -
1109  AOT_have  φ]   φ] by (simp add: "oth-class-taut:3:a")
1110  AOT_thus  φ]  φ using "propositions-lemma:1" "rule=E" by blast
1111qed
1112
1113(* propositions-lemma:3 through propositions-lemma:5 do not apply *)
1114
1115AOT_theorem "propositions-lemma:6": (φ  ψ)  ( φ]   ψ])
1116  by (metis "≡E"(1) "≡E"(5) "Associativity of ≡" "propositions-lemma:2")
1117
1118(* dr-alphabetic-rules does not apply *)
1119
1120AOT_theorem "oa-exist:1": O!
1121proof -
1122  AOT_have x [E!]x] by "cqt:2[lambda]"
1123  AOT_hence 1: O! = x [E!]x]
1124    using "df-rules-terms[4]"[OF "oa:1", THEN "&E"(1)] "→E" by blast
1125  AOT_show O! using "t=t-proper:1"[THEN "→E", OF 1] by simp
1126qed
1127
1128AOT_theorem "oa-exist:2": A!
1129proof -
1130  AOT_have x ¬[E!]x] by "cqt:2[lambda]"
1131  AOT_hence 1: A! = x ¬[E!]x]
1132    using "df-rules-terms[4]"[OF "oa:2", THEN "&E"(1)] "→E" by blast
1133  AOT_show A! using "t=t-proper:1"[THEN "→E", OF 1] by simp
1134qed
1135
1136AOT_theorem "oa-exist:3": O!x  A!x
1137proof(rule "raa-cor:1")
1138  AOT_assume ¬(O!x  A!x)
1139  AOT_hence A: ¬O!x and B: ¬A!x
1140    using "Disjunction Addition"(1) "modus-tollens:1"
1141          "∨I"(2) "raa-cor:5" by blast+
1142  AOT_have C: O! = x [E!]x]
1143    by (rule "df-rules-terms[4]"[OF "oa:1", THEN "&E"(1), THEN "→E"]) "cqt:2"
1144  AOT_have D: A! = x ¬[E!]x]
1145    by (rule "df-rules-terms[4]"[OF "oa:2", THEN "&E"(1), THEN "→E"]) "cqt:2"
1146  AOT_have E: ¬x [E!]x]x
1147    using A C "rule=E" by fast
1148  AOT_have F: ¬x ¬[E!]x]x
1149    using B D "rule=E" by fast
1150  AOT_have G: x [E!]x]x  [E!]x
1151    by (rule "lambda-predicates:2"[axiom_inst, THEN "→E"]) "cqt:2"
1152  AOT_have H: x ¬[E!]x]x  ¬[E!]x
1153    by (rule "lambda-predicates:2"[axiom_inst, THEN "→E"]) "cqt:2"
1154  AOT_show ¬[E!]x & ¬¬[E!]x using G E "≡E" H F "≡E" "&I" by metis
1155qed
1156
1157AOT_theorem "p-identity-thm2:1": F = G  x(x[F]  x[G])
1158proof -
1159  AOT_have F = G  F & G & x(x[F]  x[G])
1160    using "identity:2" "df-rules-formulas[3]" "df-rules-formulas[4]"
1161          "→E" "&E" "≡I" "→I" by blast
1162  moreover AOT_have F and G
1163    by (auto simp: "cqt:2[const_var]"[axiom_inst])
1164  ultimately AOT_show F = G  x(x[F]  x[G])
1165    using "≡S"(1) "&I" by blast
1166qed
1167
1168AOT_theorem "p-identity-thm2:2[2]":
1169  F = G  y1(x [F]xy1] = x [G]xy1] & x [F]y1x] = x [G]y1x])
1170proof -
1171  AOT_have F = G  F & G &
1172              y1(x [F]xy1] = x [G]xy1] & x [F]y1x] = x [G]y1x])
1173    using "identity:3[2]" "df-rules-formulas[3]" "df-rules-formulas[4]"
1174          "→E" "&E" "≡I" "→I" by blast
1175  moreover AOT_have F and G
1176    by (auto simp: "cqt:2[const_var]"[axiom_inst])
1177  ultimately show ?thesis
1178    using "≡S"(1) "&I" by blast
1179qed
1180    
1181AOT_theorem "p-identity-thm2:2[3]":
1182  F = G  y1y2(x [F]xy1y2] = x [G]xy1y2] &
1183                  x [F]y1xy2] = x [G]y1xy2] &
1184                  x [F]y1y2x] = x [G]y1y2x])
1185proof -
1186  AOT_have F = G  F & G & y1y2(x [F]xy1y2] = x [G]xy1y2] &
1187                                     x [F]y1xy2] = x [G]y1xy2] &
1188                                     x [F]y1y2x] = x [G]y1y2x])
1189    using "identity:3[3]" "df-rules-formulas[3]" "df-rules-formulas[4]"
1190          "→E" "&E" "≡I" "→I" by blast
1191  moreover AOT_have F and G
1192    by (auto simp: "cqt:2[const_var]"[axiom_inst])
1193  ultimately show ?thesis
1194    using "≡S"(1) "&I" by blast
1195qed
1196
1197AOT_theorem "p-identity-thm2:2[4]":
1198  F = G  y1y2y3(x [F]xy1y2y3] = x [G]xy1y2y3] &
1199                     x [F]y1xy2y3] = x [G]y1xy2y3] &
1200                     x [F]y1y2xy3] = x [G]y1y2xy3] &
1201                     x [F]y1y2y3x] = x [G]y1y2y3x])
1202proof -
1203  AOT_have F = G  F & G & y1y2y3(x [F]xy1y2y3] = x [G]xy1y2y3] &
1204                                        x [F]y1xy2y3] = x [G]y1xy2y3] &
1205                                        x [F]y1y2xy3] = x [G]y1y2xy3] &
1206                                        x [F]y1y2y3x] = x [G]y1y2y3x])
1207    using "identity:3[4]" "df-rules-formulas[3]" "df-rules-formulas[4]"
1208          "→E" "&E" "≡I" "→I" by blast
1209  moreover AOT_have F and G
1210    by (auto simp: "cqt:2[const_var]"[axiom_inst])
1211  ultimately show ?thesis
1212    using "≡S"(1) "&I" by blast
1213qed
1214
1215AOT_theorem "p-identity-thm2:2":
1216  F = G  x1...∀xn «AOT_sem_proj_id x1xn (λ τ . «[F]τ») (λ τ . «[G]τ»)»
1217proof -
1218  AOT_have F = G  F & G &
1219              x1...∀xn «AOT_sem_proj_id x1xn (λ τ . «[F]τ») (λ τ . «[G]τ»)»
1220    using "identity:3" "df-rules-formulas[3]" "df-rules-formulas[4]"
1221          "→E" "&E" "≡I" "→I" by blast
1222  moreover AOT_have F and G
1223    by (auto simp: "cqt:2[const_var]"[axiom_inst])
1224  ultimately show ?thesis
1225    using "≡S"(1) "&I" by blast
1226qed
1227
1228AOT_theorem "p-identity-thm2:3":
1229  p = q  x p] = x q]
1230proof -
1231  AOT_have p = q  p & q & x p] = x q]
1232    using "identity:4" "df-rules-formulas[3]" "df-rules-formulas[4]"
1233          "→E" "&E" "≡I" "→I" by blast
1234  moreover AOT_have p and q
1235    by (auto simp: "cqt:2[const_var]"[axiom_inst])
1236  ultimately show ?thesis
1237    using "≡S"(1) "&I" by blast
1238qed
1239
1240class AOT_Term_id_2 = AOT_Term_id + assumes "id-eq:1": [v  α = α]
1241
1242instance κ :: AOT_Term_id_2
1243proof
1244  AOT_modally_strict {
1245    fix x
1246    {
1247      AOT_assume O!x
1248      moreover AOT_have F([F]x  [F]x)
1249        using RN GEN "oth-class-taut:3:a" by fast
1250      ultimately AOT_have O!x & O!x & F([F]x  [F]x) using "&I" by simp
1251    }
1252    moreover {
1253      AOT_assume A!x
1254      moreover AOT_have F(x[F]  x[F])
1255        using RN GEN "oth-class-taut:3:a" by fast
1256      ultimately AOT_have A!x & A!x & F(x[F]  x[F]) using "&I" by simp
1257    }
1258    ultimately AOT_have (O!x & O!x & F([F]x  [F]x)) 
1259                         (A!x & A!x & F(x[F]  x[F]))
1260      using "oa-exist:3" "∨I"(1) "∨I"(2) "∨E"(3) "raa-cor:1" by blast
1261    AOT_thus x = x
1262      using "identity:1"[THEN "df-rules-formulas[4]"] "→E" by blast
1263  }
1264qed
1265
1266instance rel :: ("{AOT_κs,AOT_Term_id_2}") AOT_Term_id_2
1267proof
1268  AOT_modally_strict {
1269    fix F :: "<'a> AOT_var"
1270    AOT_have 0: x1...xn [F]x1...xn] = F
1271      by (simp add: "lambda-predicates:3"[axiom_inst])
1272    AOT_have x1...xn [F]x1...xn]
1273      by "cqt:2[lambda]"
1274    AOT_hence x1...xn [F]x1...xn] = x1...xn [F]x1...xn]
1275      using "lambda-predicates:1"[axiom_inst] "→E" by blast
1276    AOT_show F = F using "rule=E" 0 by force 
1277  }
1278qed
1279
1280instance 𝗈 :: AOT_Term_id_2
1281proof
1282  AOT_modally_strict {
1283    fix p
1284    AOT_have 0:  p] = p
1285      by (simp add: "lambda-predicates:3[zero]"[axiom_inst])
1286    AOT_have  p]
1287      by (rule "cqt:2[lambda0]"[axiom_inst])
1288    AOT_hence  p] =  p]
1289      using "lambda-predicates:1[zero]"[axiom_inst] "→E" by blast
1290    AOT_show p = p using "rule=E" 0 by force
1291  }
1292qed
1293
1294instance prod :: (AOT_Term_id_2, AOT_Term_id_2) AOT_Term_id_2
1295proof
1296  AOT_modally_strict {
1297    fix α :: ('a×'b) AOT_var›
1298    AOT_show α = α
1299    proof (induct)
1300      AOT_show τ = τ if τ for τ :: 'a×'b
1301        using that
1302      proof (induct τ)
1303        fix τ1 :: 'a and τ2 :: 'b
1304        AOT_assume «(τ1,τ2)»
1305        AOT_hence τ1 and τ2
1306          using "≡dfE" "&E" tuple_denotes by blast+
1307        AOT_hence τ1 = τ1 and τ2 = τ2
1308          using "id-eq:1"[unvarify α] by blast+
1309        AOT_thus «(τ1, τ2)» = «(τ1, τ2)»
1310          by (metis "≡dfI" "&I" tuple_identity_1)
1311      qed
1312    qed
1313  }
1314qed
1315
1316AOT_register_type_constraints
1317  Term: _::AOT_Term_id_2› _::AOT_Term_id_2›
1318AOT_register_type_constraints
1319  Individual: ‹κ› _::{AOT_κs, AOT_Term_id_2}
1320AOT_register_type_constraints
1321  Relation: <_::{AOT_κs, AOT_Term_id_2}>
1322
1323AOT_theorem "id-eq:2": α = β  β = α
1324  by (meson "rule=E" "deduction-theorem")
1325
1326AOT_theorem "id-eq:3": α = β & β = γ  α = γ
1327  using "rule=E" "→I" "&E" by blast
1328
1329AOT_theorem "id-eq:4": α = β  γ (α = γ  β = γ)
1330proof (rule "≡I"; rule "→I")
1331  AOT_assume 0: α = β
1332  AOT_hence 1: β = α using "id-eq:2" "→E" by blast
1333  AOT_show γ (α = γ  β = γ)
1334    by (rule GEN) (metis "≡I" "→I" 0 "1" "rule=E")
1335next
1336  AOT_assume γ (α = γ  β = γ)
1337  AOT_hence α = α  β = α using "∀E"(2) by blast
1338  AOT_hence α = α  β = α using "≡E"(1) "→I" by blast
1339  AOT_hence β = α using "id-eq:1" "→E" by blast
1340  AOT_thus α = β using "id-eq:2" "→E" by blast
1341qed
1342
1343AOT_theorem "rule=I:1":
1344  assumes τ
1345  shows τ = τ
1346proof -
1347  AOT_have α (α = α)
1348    by (rule GEN) (metis "id-eq:1")
1349  AOT_thus τ = τ using assms "∀E" by blast
1350qed
1351
1352AOT_theorem "rule=I:2[const_var]": "α = α"
1353  using "id-eq:1".
1354
1355AOT_theorem "rule=I:2[lambda]":
1356  assumes INSTANCE_OF_CQT_2(φ)
1357  shows "ν1...νn φ{ν1...νn}] = ν1...νn φ{ν1...νn}]"
1358proof -
1359  AOT_have α (α = α)
1360    by (rule GEN) (metis "id-eq:1")
1361  moreover AOT_have ν1...νn φ{ν1...νn}]
1362    using assms by (rule "cqt:2[lambda]"[axiom_inst])
1363  ultimately AOT_show ν1...νn φ{ν1...νn}] = ν1...νn φ{ν1...νn}]
1364    using assms "∀E" by blast
1365qed
1366
1367lemmas "=I" = "rule=I:1" "rule=I:2[const_var]" "rule=I:2[lambda]"
1368
1369AOT_theorem "rule-id-df:1":
1370  assumes τ{α1...αn} =df σ{α1...αn} and σ{τ1...τn}
1371  shows τ{τ1...τn} = σ{τ1...τn}
1372proof -
1373  AOT_have σ{τ1...τn}  τ{τ1...τn} = σ{τ1...τn}
1374    using "df-rules-terms[3]" assms(1) "&E" by blast
1375  AOT_thus τ{τ1...τn} = σ{τ1...τn}
1376    using assms(2) "→E" by blast
1377qed
1378
1379AOT_theorem "rule-id-df:1[zero]":
1380  assumes τ =df σ and σ
1381  shows τ = σ
1382proof -
1383  AOT_have σ  τ = σ
1384    using "df-rules-terms[4]" assms(1) "&E" by blast
1385  AOT_thus τ = σ
1386    using assms(2) "→E" by blast
1387qed
1388
1389AOT_theorem "rule-id-df:2:a":
1390  assumes τ{α1...αn} =df σ{α1...αn} and σ{τ1...τn} and φ{τ{τ1...τn}}
1391  shows φ{σ{τ1...τn}}
1392proof -
1393  AOT_have τ{τ1...τn} = σ{τ1...τn} using "rule-id-df:1" assms(1,2) by blast
1394  AOT_thus φ{σ{τ1...τn}} using assms(3) "rule=E" by blast
1395qed
1396
1397AOT_theorem "rule-id-df:2:a[2]":
1398  assumes τ{«(α1,α2)»} =df σ{«(α1,α2)»}
1399    and σ{«(τ1,τ2)»}
1400      and φ{τ{«(τ1,τ2)»}}
1401  shows φ{σ{«(τ1::'a::AOT_Term_id_2,τ2::'b::AOT_Term_id_2)»}}
1402proof -
1403  AOT_have τ{«(τ1,τ2)»} = σ{«(τ1,τ2)»}
1404    using "rule-id-df:1" assms(1,2) by auto
1405  AOT_thus φ{σ{«(τ1,τ2)»}} using assms(3) "rule=E" by blast
1406qed
1407
1408AOT_theorem "rule-id-df:2:a[zero]":
1409  assumes τ =df σ and σ and φ{τ}
1410  shows φ{σ}
1411proof -
1412  AOT_have τ = σ using "rule-id-df:1[zero]" assms(1,2) by blast
1413  AOT_thus φ{σ} using assms(3) "rule=E" by blast
1414qed
1415
1416lemmas "=dfE" = "rule-id-df:2:a" "rule-id-df:2:a[zero]"
1417
1418AOT_theorem "rule-id-df:2:b":
1419  assumes τ{α1...αn} =df σ{α1...αn} and σ{τ1...τn} and φ{σ{τ1...τn}}
1420  shows φ{τ{τ1...τn}}
1421proof -
1422  AOT_have τ{τ1...τn} = σ{τ1...τn}
1423    using "rule-id-df:1" assms(1,2) by blast
1424  AOT_hence σ{τ1...τn} = τ{τ1...τn}
1425    using "rule=E" "=I"(1) "t=t-proper:1" "→E" by fast
1426  AOT_thus φ{τ{τ1...τn}} using assms(3) "rule=E" by blast
1427qed
1428
1429AOT_theorem "rule-id-df:2:b[2]":
1430  assumes τ{«(α1,α2)»} =df σ{«(α1,α2)»}
1431      and σ{«(τ1,τ2)»}
1432      and φ{σ{«(τ1,τ2)»}}
1433  shows φ{τ{«(τ1::'a::AOT_Term_id_2,τ2::'b::AOT_Term_id_2)»}}
1434proof -
1435  AOT_have τ{«(τ1,τ2)»} = σ{«(τ1,τ2)»}
1436    using "=I"(1) "rule-id-df:2:a[2]" RAA(1) assms(1,2) "→I" by metis
1437  AOT_hence σ{«(τ1,τ2)»} = τ{«(τ1,τ2)»}
1438    using "rule=E" "=I"(1) "t=t-proper:1" "→E" by fast
1439  AOT_thus φ{τ{«(τ1,τ2)»}} using assms(3) "rule=E" by blast
1440qed
1441
1442AOT_theorem "rule-id-df:2:b[zero]":
1443  assumes τ =df σ and σ and φ{σ}
1444  shows φ{τ}
1445proof -
1446  AOT_have τ = σ using "rule-id-df:1[zero]" assms(1,2) by blast
1447  AOT_hence σ = τ
1448    using "rule=E" "=I"(1) "t=t-proper:1" "→E" by fast
1449  AOT_thus φ{τ} using assms(3) "rule=E" by blast
1450qed
1451
1452lemmas "=dfI" = "rule-id-df:2:b" "rule-id-df:2:b[zero]"
1453
1454AOT_theorem "free-thms:1": τ  β (β = τ)
1455  by (metis "∃E" "rule=I:1" "t=t-proper:2" "→I" "∃I"(1) "≡I" "→E")
1456
1457AOT_theorem "free-thms:2": α φ{α}  (β (β = τ)  φ{τ})
1458  by (metis "∃E" "rule=E" "cqt:2[const_var]"[axiom_inst] "→I" "∀E"(1))
1459
1460AOT_theorem "free-thms:3[const_var]": β (β = α)
1461  by (meson "∃I"(2) "id-eq:1")
1462
1463AOT_theorem "free-thms:3[lambda]":
1464  assumes INSTANCE_OF_CQT_2(φ)
1465  shows β (β = ν1...νn φ{ν1...νn}])
1466  by (meson "=I"(3) assms "cqt:2[lambda]"[axiom_inst] "existential:1")
1467
1468AOT_theorem "free-thms:4[rel]":
1469  ([Π]κ1...κn  κ1...κn[Π])  β (β = Π)
1470  by (metis "rule=I:1" "&E"(1) "∨E"(1) "cqt:5:a"[axiom_inst]
1471            "cqt:5:b"[axiom_inst] "→I" "∃I"(1))
1472
1473AOT_theorem "free-thms:4[vars]":
1474  ([Π]κ1...κn  κ1...κn[Π])  β1...∃βn (β1...βn = κ1...κn)
1475  by (metis "rule=I:1" "&E"(2) "∨E"(1) "cqt:5:a"[axiom_inst]
1476            "cqt:5:b"[axiom_inst] "→I" "∃I"(1))
1477
1478AOT_theorem "free-thms:4[1,rel]":
1479  ([Π]κ  κ[Π])  β (β = Π)
1480  by (metis "rule=I:1" "&E"(1) "∨E"(1) "cqt:5:a"[axiom_inst]
1481            "cqt:5:b"[axiom_inst] "→I" "∃I"(1))
1482AOT_theorem "free-thms:4[1,1]":
1483  ([Π]κ  κ[Π])  β (β = κ)
1484  by (metis "rule=I:1" "&E"(2) "∨E"(1) "cqt:5:a"[axiom_inst]
1485            "cqt:5:b"[axiom_inst] "→I" "∃I"(1))
1486
1487AOT_theorem "free-thms:4[2,rel]":
1488  ([Π]κ1κ2  κ1κ2[Π])  β (β = Π)
1489  by (metis "rule=I:1" "&E"(1) "∨E"(1) "cqt:5:a[2]"[axiom_inst]
1490            "cqt:5:b[2]"[axiom_inst] "→I" "∃I"(1))
1491AOT_theorem "free-thms:4[2,1]":
1492  ([Π]κ1κ2  κ1κ2[Π])  β (β = κ1)
1493  by (metis "rule=I:1" "&E" "∨E"(1) "cqt:5:a[2]"[axiom_inst]
1494            "cqt:5:b[2]"[axiom_inst] "→I" "∃I"(1))
1495AOT_theorem "free-thms:4[2,2]":
1496  ([Π]κ1κ2  κ1κ2[Π])  β (β = κ2)
1497  by (metis "rule=I:1" "&E"(2) "∨E"(1) "cqt:5:a[2]"[axiom_inst]
1498            "cqt:5:b[2]"[axiom_inst] "→I" "∃I"(1))
1499AOT_theorem "free-thms:4[3,rel]":
1500  ([Π]κ1κ2κ3  κ1κ2κ3[Π])  β (β = Π)
1501  by (metis "rule=I:1" "&E"(1) "∨E"(1) "cqt:5:a[3]"[axiom_inst]
1502            "cqt:5:b[3]"[axiom_inst] "→I" "∃I"(1))
1503AOT_theorem "free-thms:4[3,1]":
1504  ([Π]κ1κ2κ3  κ1κ2κ3[Π])  β (β = κ1)
1505  by (metis "rule=I:1" "&E" "∨E"(1) "cqt:5:a[3]"[axiom_inst]
1506            "cqt:5:b[3]"[axiom_inst] "→I" "∃I"(1))
1507AOT_theorem "free-thms:4[3,2]":
1508  ([Π]κ1κ2κ3  κ1κ2κ3[Π])  β (β = κ2)
1509  by (metis "rule=I:1" "&E" "∨E"(1) "cqt:5:a[3]"[axiom_inst]
1510            "cqt:5:b[3]"[axiom_inst] "→I" "∃I"(1))
1511AOT_theorem "free-thms:4[3,3]":
1512  ([Π]κ1κ2κ3  κ1κ2κ3[Π])  β (β = κ3)
1513  by (metis "rule=I:1" "&E"(2) "∨E"(1) "cqt:5:a[3]"[axiom_inst]
1514            "cqt:5:b[3]"[axiom_inst] "→I" "∃I"(1))
1515AOT_theorem "free-thms:4[4,rel]":
1516  ([Π]κ1κ2κ3κ4  κ1κ2κ3κ4[Π])  β (β = Π)
1517  by (metis "rule=I:1" "&E"(1) "∨E"(1) "cqt:5:a[4]"[axiom_inst]
1518            "cqt:5:b[4]"[axiom_inst] "→I" "∃I"(1))
1519AOT_theorem "free-thms:4[4,1]":
1520  ([Π]κ1κ2κ3κ4  κ1κ2κ3κ4[Π])  β (β = κ1)
1521  by (metis "rule=I:1" "&E" "∨E"(1) "cqt:5:a[4]"[axiom_inst]
1522            "cqt:5:b[4]"[axiom_inst] "→I" "∃I"(1))
1523AOT_theorem "free-thms:4[4,2]":
1524  ([Π]κ1κ2κ3κ4  κ1κ2κ3κ4[Π])  β (β = κ2)
1525  by (metis "rule=I:1" "&E" "∨E"(1) "cqt:5:a[4]"[axiom_inst]
1526            "cqt:5:b[4]"[axiom_inst] "→I" "∃I"(1))
1527AOT_theorem "free-thms:4[4,3]":
1528  ([Π]κ1κ2κ3κ4  κ1κ2κ3κ4[Π])  β (β = κ3)
1529  by (metis "rule=I:1" "&E" "∨E"(1) "cqt:5:a[4]"[axiom_inst]
1530            "cqt:5:b[4]"[axiom_inst] "→I" "∃I"(1))
1531AOT_theorem "free-thms:4[4,4]":
1532  ([Π]κ1κ2κ3κ4  κ1κ2κ3κ4[Π])  β (β = κ4)
1533  by (metis "rule=I:1" "&E"(2) "∨E"(1) "cqt:5:a[4]"[axiom_inst]
1534            "cqt:5:b[4]"[axiom_inst] "→I" "∃I"(1))
1535
1536AOT_theorem "ex:1:a": α α
1537  by (rule GEN) (fact "cqt:2[const_var]"[axiom_inst])
1538AOT_theorem "ex:1:b": αβ(β = α)
1539  by (rule GEN) (fact "free-thms:3[const_var]")
1540
1541AOT_theorem "ex:2:a": α
1542  by (rule RN) (fact "cqt:2[const_var]"[axiom_inst])
1543AOT_theorem "ex:2:b": β(β = α)
1544  by (rule RN) (fact "free-thms:3[const_var]")
1545
1546AOT_theorem "ex:3:a": α α
1547  by (rule RN) (fact "ex:1:a")
1548AOT_theorem "ex:3:b": αβ(β = α)
1549  by (rule RN) (fact "ex:1:b")
1550
1551AOT_theorem "ex:4:a": α α
1552  by (rule GEN; rule RN) (fact "cqt:2[const_var]"[axiom_inst])
1553AOT_theorem "ex:4:b": αβ(β = α)
1554  by (rule GEN; rule RN) (fact "free-thms:3[const_var]")
1555
1556AOT_theorem "ex:5:a": α α
1557  by (rule RN) (simp add: "ex:4:a")
1558AOT_theorem "ex:5:b": αβ(β = α)
1559  by (rule RN) (simp add: "ex:4:b")
1560
1561AOT_theorem "all-self=:1": α(α = α)
1562  by (rule RN; rule GEN) (fact "id-eq:1")
1563AOT_theorem "all-self=:2": α(α = α)
1564  by (rule GEN; rule RN) (fact "id-eq:1")
1565
1566AOT_theorem "id-nec:1": α = β  (α = β)
1567proof(rule "→I")
1568  AOT_assume α = β
1569  moreover AOT_have (α = α)
1570    by (rule RN) (fact "id-eq:1")
1571  ultimately AOT_show (α = β) using "rule=E" by fast
1572qed
1573
1574AOT_theorem "id-nec:2": τ = σ  (τ = σ)
1575proof(rule "→I")
1576  AOT_assume asm: τ = σ
1577  moreover AOT_have τ
1578    using calculation "t=t-proper:1" "→E" by blast
1579  moreover AOT_have (τ = τ)
1580    using calculation "all-self=:2" "∀E"(1) by blast
1581  ultimately AOT_show (τ = σ) using "rule=E" by fast
1582qed
1583
1584AOT_theorem "term-out:1": φ{α}  β (β = α & φ{β})
1585proof (rule "≡I"; rule "→I")
1586  AOT_assume asm: φ{α}
1587  AOT_show β (β = α & φ{β})
1588    by (rule "∃I"(2)[where β=α]; rule "&I")
1589       (auto simp: "id-eq:1" asm)
1590next
1591  AOT_assume 0: β (β = α & φ{β})
1592  AOT_obtain β where β = α & φ{β}
1593    using "∃E"[rotated, OF 0] by blast
1594  AOT_thus φ{α} using "&E" "rule=E" by blast
1595qed
1596
1597AOT_theorem "term-out:2": τ  (φ{τ}  α(α = τ & φ{α}))
1598proof(rule "→I")
1599  AOT_assume τ
1600  moreover AOT_have α (φ{α}  β (β = α & φ{β}))
1601    by (rule GEN) (fact "term-out:1")
1602  ultimately AOT_show φ{τ}  α(α = τ & φ{α})
1603    using "∀E" by blast
1604qed
1605
1606AOT_theorem "term-out:3":
1607  (φ{α} & β(φ{β}  β = α))  β(φ{β}  β = α)
1608  apply (rule "≡I"; rule "→I")
1609   apply (frule "&E"(1))
1610   apply (drule "&E"(2))
1611   apply (rule GEN; rule "≡I"; rule "→I")
1612  using "rule-ui:2[const_var]" "vdash-properties:5"
1613    apply blast
1614   apply (meson "rule=E" "id-eq:1")
1615  apply (rule "&I")
1616  using "id-eq:1" "≡E"(2) "rule-ui:3"
1617   apply blast
1618  apply (rule GEN; rule "→I")
1619  using "≡E"(1) "rule-ui:2[const_var]"
1620  by blast
1621
1622(* Note: generalized alphabetic variant of the last theorem. *)
1623AOT_theorem "term-out:4":
1624  (φ{β} & α(φ{α}  α = β))  α(φ{α}  α = β)
1625  using "term-out:3" .
1626
1627(* TODO: Provide a nicer mechanism for introducing custom binders. *)
1628AOT_define AOT_exists_unique :: ‹α  φ  φ› "uniqueness:1":
1629  «AOT_exists_unique φ» df α (φ{α} & β (φ{β}  β = α))
1630syntax (input) "_AOT_exists_unique" :: ‹α  φ  φ› ("∃!_ _" [1,40])
1631syntax (output) "_AOT_exists_unique" :: ‹α  φ  φ› ("∃!_'(_')" [1,40])
1632AOT_syntax_print_translations
1633  "_AOT_exists_unique τ φ" <= "CONST AOT_exists_unique (_abs τ φ)"
1634syntax
1635   "_AOT_exists_unique_ellipse" :: ‹id_position  id_position  φ  φ›
1636   (∃!_...∃!_ _› [1,40])
1637parse_ast_translation1638[(syntax_const‹_AOT_exists_unique_ellipse›,
1639  fn ctx => fn [a,b,c] => Ast.mk_appl (Ast.Constant "AOT_exists_unique")
1640  [parseEllipseList "_AOT_vars" ctx [a,b],c]),
1641 (syntax_const‹_AOT_exists_unique›,
1642  AOT_restricted_binder
1643    const_name‹AOT_exists_unique›
1644    const_syntax‹AOT_conj›)]
1645print_translationAOT_syntax_print_translations [
1646  AOT_preserve_binder_abs_tr'
1647    const_syntax‹AOT_exists_unique›
1648    syntax_const‹_AOT_exists_unique›
1649    (syntax_const‹_AOT_exists_unique_ellipse›, true)
1650    const_name‹AOT_conj›,
1651  AOT_binder_trans
1652    @{theory}
1653    @{binding "AOT_exists_unique_binder"}
1654    syntax_const‹_AOT_exists_unique›
1655]
1656
1657
1658context AOT_meta_syntax
1659begin
1660notation AOT_exists_unique (binder "!" 20)
1661end
1662context AOT_no_meta_syntax
1663begin
1664no_notation AOT_exists_unique (binder "!" 20)
1665end
1666
1667AOT_theorem "uniqueness:2": ∃!α φ{α}  αβ(φ{β}  β = α)
1668proof(rule "≡I"; rule "→I")
1669    AOT_assume ∃!α φ{α}
1670    AOT_hence α (φ{α} & β (φ{β}  β = α))
1671      using "uniqueness:1" "≡dfE" by blast
1672    then AOT_obtain α where φ{α} & β (φ{β}  β = α)
1673      using "instantiation"[rotated] by blast
1674    AOT_hence β(φ{β}  β = α)
1675      using "term-out:3" "≡E" by blast
1676    AOT_thus αβ(φ{β}  β = α)
1677      using "∃I" by fast
1678next
1679    AOT_assume αβ(φ{β}  β = α)
1680    then AOT_obtain α where β (φ{β}  β = α)
1681      using "instantiation"[rotated] by blast
1682    AOT_hence φ{α} & β (φ{β}  β = α)
1683      using "term-out:3" "≡E" by blast
1684    AOT_hence α (φ{α} & β (φ{β}  β = α))
1685      using "∃I" by fast
1686    AOT_thus ∃!α φ{α}
1687      using "uniqueness:1" "≡dfI" by blast
1688qed
1689
1690AOT_theorem "uni-most": ∃!α φ{α}  βγ((φ{β} & φ{γ})  β = γ)
1691proof(rule "→I"; rule GEN; rule GEN; rule "→I")
1692  fix β γ
1693  AOT_assume ∃!α φ{α}
1694  AOT_hence αβ(φ{β}  β = α)
1695    using "uniqueness:2" "≡E" by blast
1696  then AOT_obtain α where β(φ{β}  β = α)
1697    using "instantiation"[rotated] by blast
1698  moreover AOT_assume φ{β} & φ{γ}
1699  ultimately AOT_have β = α and γ = α
1700    using "∀E"(2) "&E" "≡E"(1,2) by blast+
1701  AOT_thus β = γ
1702    by (metis "rule=E" "id-eq:2" "→E")
1703qed
1704
1705AOT_theorem "nec-exist-!": α(φ{α}  φ{α})  (∃!α φ{α}  ∃!α φ{α})
1706proof (rule "→I"; rule "→I")
1707  AOT_assume a: α(φ{α}  φ{α})
1708  AOT_assume ∃!α φ{α}
1709  AOT_hence α (φ{α} & β (φ{β}  β = α))
1710    using "uniqueness:1" "≡dfE" by blast
1711  then AOT_obtain α where ξ: φ{α} & β (φ{β}  β = α)
1712    using "instantiation"[rotated] by blast
1713  AOT_have φ{α}
1714    using ξ a "&E" "∀E" "→E" by fast
1715  moreover AOT_have β (φ{β}  β = α)
1716    apply (rule GEN; rule "→I")
1717    using ξ[THEN "&E"(2), THEN "∀E"(2), THEN "→E"]
1718          "qml:2"[axiom_inst, THEN "→E"] by blast
1719  ultimately AOT_have (φ{α} & β (φ{β}  β = α))
1720    using "&I" by blast
1721  AOT_thus ∃!α φ{α}
1722    using "uniqueness:1" "≡dfI" "∃I" by fast
1723qed
1724
1725subsection‹The Theory of Actuality and Descriptions›
1726text‹\label{PLM: 9.8}›
1727
1728AOT_theorem "act-cond": 𝒜(φ  ψ)  (𝒜φ  𝒜ψ)
1729  using "→I" "≡E"(1) "logic-actual-nec:2"[axiom_inst] by blast
1730
1731AOT_theorem "nec-imp-act": φ  𝒜φ
1732  by (metis "act-cond" "contraposition:1[2]" "≡E"(4)
1733            "qml:2"[THEN act_closure, axiom_inst]
1734            "qml-act:2"[axiom_inst] RAA(1) "→E" "→I")
1735
1736AOT_theorem "act-conj-act:1": 𝒜(𝒜φ  φ)
1737  using "→I" "≡E"(2) "logic-actual-nec:2"[axiom_inst]
1738        "logic-actual-nec:4"[axiom_inst] by blast
1739
1740AOT_theorem "act-conj-act:2": 𝒜(φ  𝒜φ)
1741  by (metis "→I" "≡E"(2, 4) "logic-actual-nec:2"[axiom_inst]
1742            "logic-actual-nec:4"[axiom_inst] RAA(1))
1743
1744AOT_theorem "act-conj-act:3": (𝒜φ & 𝒜ψ)  𝒜(φ & ψ)
1745proof -
1746  AOT_have (φ  (ψ  (φ & ψ)))
1747    by (rule RN) (fact Adjunction)
1748  AOT_hence 𝒜(φ  (ψ  (φ & ψ)))
1749    using "nec-imp-act" "→E" by blast
1750  AOT_hence 𝒜φ  𝒜(ψ  (φ & ψ))
1751    using "act-cond" "→E" by blast
1752  moreover AOT_have 𝒜(ψ  (φ & ψ))  (𝒜ψ  𝒜(φ & ψ))
1753    by (fact "act-cond")
1754  ultimately AOT_have 𝒜φ  (𝒜ψ  𝒜(φ & ψ))
1755    using "→I" "→E" by metis
1756  AOT_thus (𝒜φ & 𝒜ψ)  𝒜(φ & ψ)
1757    by (metis Importation "→E")
1758qed
1759
1760AOT_theorem "act-conj-act:4": 𝒜(𝒜φ  φ)
1761proof -
1762  AOT_have (𝒜(𝒜φ  φ) & 𝒜(φ  𝒜φ))  𝒜((𝒜φ  φ) & (φ  𝒜φ))
1763    by (fact "act-conj-act:3")
1764  moreover AOT_have 𝒜(𝒜φ  φ) & 𝒜(φ  𝒜φ)
1765    using "&I" "act-conj-act:1" "act-conj-act:2" by simp
1766  ultimately AOT_have ζ: 𝒜((𝒜φ  φ) & (φ  𝒜φ))
1767    using "→E" by blast
1768  AOT_have 𝒜(((𝒜φ  φ) & (φ  𝒜φ))  (𝒜φ  φ))
1769    using "conventions:3"[THEN "df-rules-formulas[2]",
1770                          THEN act_closure, axiom_inst] by blast
1771  AOT_hence 𝒜((𝒜φ  φ) & (φ  𝒜φ))  𝒜(𝒜φ  φ)
1772    using "act-cond" "→E" by blast
1773  AOT_thus 𝒜(𝒜φ  φ) using ζ "→E" by blast
1774qed
1775
1776(* TODO: Consider introducing AOT_inductive. *)
1777inductive arbitrary_actualization for φ where
1778  arbitrary_actualization φ «𝒜φ»
1779| arbitrary_actualization φ «𝒜ψ» if arbitrary_actualization φ ψ
1780declare arbitrary_actualization.cases[AOT]
1781        arbitrary_actualization.induct[AOT]
1782        arbitrary_actualization.simps[AOT]
1783        arbitrary_actualization.intros[AOT]
1784syntax arbitrary_actualization :: ‹φ'  φ'  AOT_prop›
1785  ("ARBITRARY'_ACTUALIZATION'(_,_')")
1786
1787notepad
1788begin
1789  AOT_modally_strict {
1790    fix φ
1791    AOT_have ARBITRARY_ACTUALIZATION(𝒜φ  φ, 𝒜(𝒜φ  φ))
1792      using AOT_PLM.arbitrary_actualization.intros by metis
1793    AOT_have ARBITRARY_ACTUALIZATION(𝒜φ  φ, 𝒜𝒜(𝒜φ  φ))
1794      using AOT_PLM.arbitrary_actualization.intros by metis
1795    AOT_have ARBITRARY_ACTUALIZATION(𝒜φ  φ, 𝒜𝒜𝒜(𝒜φ  φ))
1796      using AOT_PLM.arbitrary_actualization.intros by metis
1797  }
1798end
1799
1800
1801AOT_theorem "closure-act:1":
1802  assumes ARBITRARY_ACTUALIZATION(𝒜φ  φ, ψ)
1803  shows ψ
1804using assms proof(induct)
1805  case 1
1806  AOT_show 𝒜(𝒜φ  φ)
1807    by (simp add: "act-conj-act:4")
1808next
1809  case (2 ψ)
1810  AOT_thus 𝒜ψ
1811    by (metis arbitrary_actualization.simps "≡E"(1)
1812              "logic-actual-nec:4"[axiom_inst])
1813qed
1814
1815AOT_theorem "closure-act:2": α 𝒜(𝒜φ{α}  φ{α})
1816  by (simp add: "act-conj-act:4" "∀I")
1817
1818AOT_theorem "closure-act:3": 𝒜α 𝒜(𝒜φ{α}  φ{α})
1819  by (metis (no_types, lifting) "act-conj-act:4" "≡E"(1,2) "∀I"
1820            "logic-actual-nec:3"[axiom_inst]
1821            "logic-actual-nec:4"[axiom_inst])
1822
1823AOT_theorem "closure-act:4": 𝒜α1...∀αn 𝒜(𝒜φ{α1...αn}  φ{α1...αn})
1824  using "closure-act:3" .
1825
1826AOT_act_theorem "RA[1]":
1827  assumes  φ
1828  shows  𝒜φ
1829  ― ‹While this proof is rejected in PLM,
1830      we merely state it as modally-fragile rule,
1831      which addresses the concern in PLM.›
1832  using "¬¬E" assms "≡E"(3) "logic-actual"[act_axiom_inst]
1833        "logic-actual-nec:1"[axiom_inst] "modus-tollens:2" by blast
1834AOT_theorem "RA[2]":
1835  assumes  φ
1836  shows  𝒜φ
1837  ― ‹This rule is in fact a consequence of RN and
1838      does not require an appeal to the semantics itself.›
1839  using RN assms "nec-imp-act" "vdash-properties:5" by blast
1840AOT_theorem "RA[3]":
1841  assumes Γ  φ
1842  shows 𝒜Γ  𝒜φ
1843  text‹This appears to only be derivable from the semantics,
1844       but apparently no proof actually relies on it.
1845       If this turns out to be required, it is valid to derive it from the
1846       semantics just like RN, but we refrain from doing so, unless necessary.›
1847  (*  using assms by (meson AOT_sem_act imageI) *)
1848  oops
1849
1850AOT_act_theorem "ANeg:1": ¬𝒜φ  ¬φ
1851  by (simp add: "RA[1]" "contraposition:1[1]" "deduction-theorem"
1852                "≡I" "logic-actual"[act_axiom_inst])
1853
1854AOT_act_theorem "ANeg:2": ¬𝒜¬φ  φ
1855  using "ANeg:1" "≡I" "≡E"(5) "useful-tautologies:1"
1856        "useful-tautologies:2" by blast
1857
1858AOT_theorem "Act-Basic:1": 𝒜φ  𝒜¬φ
1859  by (meson "∨I"(1,2) "≡E"(2) "logic-actual-nec:1"[axiom_inst] "raa-cor:1")
1860
1861AOT_theorem "Act-Basic:2": 𝒜(φ & ψ)  (𝒜φ & 𝒜ψ)
1862proof (rule "≡I"; rule "→I")
1863  AOT_assume 𝒜(φ & ψ)
1864  moreover AOT_have 𝒜((φ & ψ)  φ)
1865    by (simp add: "RA[2]" "Conjunction Simplification"(1))
1866  moreover AOT_have 𝒜((φ & ψ)  ψ)
1867    by (simp add: "RA[2]" "Conjunction Simplification"(2))
1868  ultimately AOT_show 𝒜φ & 𝒜ψ
1869    using "act-cond"[THEN "→E", THEN "→E"] "&I" by metis
1870next
1871  AOT_assume 𝒜φ & 𝒜ψ
1872  AOT_thus 𝒜(φ & ψ)
1873    using "act-conj-act:3" "vdash-properties:6" by blast
1874qed
1875
1876AOT_theorem "Act-Basic:3": 𝒜(φ  ψ)  (𝒜(φ  ψ) & 𝒜(ψ  φ))
1877proof (rule "≡I"; rule "→I")
1878  AOT_assume 𝒜(φ  ψ)
1879  moreover AOT_have 𝒜((φ  ψ)  (φ  ψ))
1880    by (simp add: "RA[2]" "deduction-theorem" "≡E"(1))
1881  moreover AOT_have 𝒜((φ  ψ)  (ψ  φ))
1882    by (simp add: "RA[2]" "deduction-theorem" "≡E"(2))
1883  ultimately AOT_show 𝒜(φ  ψ) & 𝒜(ψ  φ)
1884    using "act-cond"[THEN "→E", THEN "→E"] "&I" by metis
1885next
1886  AOT_assume 𝒜(φ  ψ) & 𝒜(ψ  φ)
1887  AOT_hence 𝒜((φ  ψ) & (ψ  φ))
1888    by (metis "act-conj-act:3" "vdash-properties:10")
1889  moreover AOT_have 𝒜(((φ  ψ) & (ψ  φ))  (φ  ψ))
1890    by (simp add: "conventions:3" "RA[2]" "df-rules-formulas[2]"
1891                  "vdash-properties:1[2]")
1892  ultimately AOT_show 𝒜(φ  ψ)
1893    using "act-cond"[THEN "→E", THEN "→E"] by metis
1894qed
1895
1896AOT_theorem "Act-Basic:4": (𝒜(φ  ψ) & 𝒜(ψ  φ))  (𝒜φ  𝒜ψ)
1897proof (rule "≡I"; rule "→I")
1898  AOT_assume 0: 𝒜(φ  ψ) & 𝒜(ψ  φ)
1899  AOT_show 𝒜φ  𝒜ψ
1900    using 0 "&E" "act-cond"[THEN "→E", THEN "→E"] "≡I" "→I" by metis
1901next
1902  AOT_assume 𝒜φ  𝒜ψ
1903  AOT_thus 𝒜(φ  ψ) & 𝒜(ψ  φ)
1904    by (metis "→I" "logic-actual-nec:2"[axiom_inst] "≡E"(1,2) "&I")
1905qed
1906
1907AOT_theorem "Act-Basic:5": 𝒜(φ  ψ)  (𝒜φ  𝒜ψ)
1908  using "Act-Basic:3" "Act-Basic:4" "≡E"(5) by blast
1909
1910AOT_theorem "Act-Basic:6": 𝒜φ  𝒜φ
1911  by (simp add: "≡I" "qml:2"[axiom_inst] "qml-act:1"[axiom_inst])
1912
1913AOT_theorem "Act-Basic:7": 𝒜φ  𝒜φ
1914  by (metis "Act-Basic:6" "→I" "→E" "≡E"(1,2) "nec-imp-act"
1915            "qml-act:2"[axiom_inst])
1916
1917AOT_theorem "Act-Basic:8": φ  𝒜φ
1918  using "Hypothetical Syllogism" "nec-imp-act" "qml-act:1"[axiom_inst] by blast
1919
1920AOT_theorem "Act-Basic:9": 𝒜(φ  ψ)  (𝒜φ  𝒜ψ)
1921proof (rule "≡I"; rule "→I")
1922  AOT_assume 𝒜(φ  ψ)
1923  AOT_thus 𝒜φ  𝒜ψ
1924  proof (rule "raa-cor:3")
1925    AOT_assume ¬(𝒜φ  𝒜ψ)
1926    AOT_hence ¬𝒜φ & ¬𝒜ψ
1927      by (metis "≡E"(1) "oth-class-taut:5:d")
1928    AOT_hence 𝒜¬φ & 𝒜¬ψ
1929      using "logic-actual-nec:1"[axiom_inst, THEN "≡E"(2)] "&E" "&I" by metis
1930    AOT_hence 𝒜(¬φ & ¬ψ)
1931      using "≡E" "Act-Basic:2" by metis
1932    moreover AOT_have 𝒜((¬φ & ¬ψ)  ¬(φ  ψ))
1933      using "RA[2]" "≡E"(6) "oth-class-taut:3:a" "oth-class-taut:5:d" by blast
1934    moreover AOT_have 𝒜(¬φ & ¬ψ)  𝒜(¬(φ  ψ))
1935      using calculation(2) by (metis "Act-Basic:5" "≡E"(1))
1936    ultimately AOT_have 𝒜(¬(φ  ψ)) using "≡E" by blast
1937    AOT_thus ¬𝒜(φ  ψ)
1938      using "logic-actual-nec:1"[axiom_inst, THEN "≡E"(1)] by auto
1939  qed
1940next
1941  AOT_assume 𝒜φ  𝒜ψ
1942  AOT_thus 𝒜(φ  ψ)
1943    by (meson "RA[2]" "act-cond" "∨I"(1) "∨E"(1) "Disjunction Addition"(1,2))
1944qed
1945
1946AOT_theorem "Act-Basic:10": 𝒜α φ{α}  α 𝒜φ{α}
1947proof -
1948  AOT_have θ: ¬𝒜α ¬φ{α}  ¬α 𝒜¬φ{α}
1949    by (rule "oth-class-taut:4:b"[THEN "≡E"(1)])
1950       (metis "logic-actual-nec:3"[axiom_inst])
1951  AOT_have ξ: ¬α 𝒜¬φ{α}  ¬α ¬𝒜φ{α}
1952    by (rule "oth-class-taut:4:b"[THEN "≡E"(1)])
1953       (rule "logic-actual-nec:1"[THEN universal_closure,
1954               axiom_inst, THEN "cqt-basic:3"[THEN "→E"]])
1955  AOT_have 𝒜(α φ{α})  𝒜(¬α ¬φ{α})
1956    using "conventions:4"[THEN "df-rules-formulas[1]",
1957                          THEN act_closure, axiom_inst]
1958          "conventions:4"[THEN "df-rules-formulas[2]",
1959                          THEN act_closure, axiom_inst]
1960    "Act-Basic:4"[THEN "≡E"(1)] "&I" "Act-Basic:5"[THEN "≡E"(2)] by metis
1961  also AOT_have   ¬𝒜α ¬φ{α}
1962    by (simp add: "logic-actual-nec:1" "vdash-properties:1[2]")
1963  also AOT_have   ¬α 𝒜 ¬φ{α} using θ by blast
1964  also AOT_have   ¬α ¬𝒜 φ{α} using ξ by blast
1965  also AOT_have   α 𝒜 φ{α}
1966    using "conventions:4"[THEN "≡Df"] by (metis "≡E"(6) "oth-class-taut:3:a")
1967  finally AOT_show 𝒜α φ{α}  α 𝒜φ{α} .
1968qed
1969
1970
1971AOT_theorem "Act-Basic:11":
1972  𝒜α(φ{α}  ψ{α})  α(𝒜φ{α}  𝒜ψ{α})
1973proof(rule "≡I"; rule "→I")
1974  AOT_assume 𝒜α(φ{α}  ψ{α})
1975  AOT_hence α𝒜(φ{α}  ψ{α})
1976    using "logic-actual-nec:3"[axiom_inst, THEN "≡E"(1)] by blast
1977  AOT_hence 𝒜(φ{α}  ψ{α}) for α using "∀E" by blast
1978  AOT_hence 𝒜φ{α}  𝒜ψ{α} for α by (metis "Act-Basic:5" "≡E"(1))
1979  AOT_thus α(𝒜φ{α}  𝒜ψ{α}) by (rule "∀I")
1980next
1981  AOT_assume α(𝒜φ{α}  𝒜ψ{α})
1982  AOT_hence 𝒜φ{α}  𝒜ψ{α} for α using "∀E" by blast
1983  AOT_hence 𝒜(φ{α}  ψ{α}) for α by (metis "Act-Basic:5" "≡E"(2))
1984  AOT_hence α 𝒜(φ{α}  ψ{α}) by (rule "∀I")
1985  AOT_thus 𝒜α(φ{α}  ψ{α})
1986    using "logic-actual-nec:3"[axiom_inst, THEN "≡E"(2)] by fast
1987qed
1988
1989AOT_act_theorem "act-quant-uniq":
1990  β(𝒜φ{β}  β = α)  β(φ{β}  β = α)
1991proof(rule "≡I"; rule "→I")
1992  AOT_assume β(𝒜φ{β}  β = α)
1993  AOT_hence 𝒜φ{β}  β = α for β using "∀E" by blast
1994  AOT_hence φ{β}  β = α for β
1995    using "≡I" "→I" "RA[1]" "≡E"(1,2) "logic-actual"[act_axiom_inst] "→E"
1996    by metis
1997  AOT_thus β(φ{β}  β = α) by (rule "∀I")
1998next
1999  AOT_assume β(φ{β}  β = α)
2000  AOT_hence φ{β}  β = α for β using "∀E" by blast
2001  AOT_hence 𝒜φ{β}  β = α for β
2002    using "≡I" "→I" "RA[1]" "≡E"(1,2) "logic-actual"[act_axiom_inst] "→E"
2003    by metis
2004  AOT_thus β(𝒜φ{β}  β = α) by (rule "∀I")
2005qed
2006
2007AOT_act_theorem "fund-cont-desc": x = ιx(φ{x})  z(φ{z}  z = x)
2008  using descriptions[axiom_inst] "act-quant-uniq" "≡E"(5) by fast
2009
2010AOT_act_theorem hintikka: x = ιx(φ{x})  (φ{x} & z (φ{z}  z = x))
2011  using "Commutativity of ≡"[THEN "≡E"(1)] "term-out:3"
2012        "fund-cont-desc" "≡E"(5) by blast
2013
2014
2015locale russell_axiom =
2016  fixes ψ
2017  assumes ψ_denotes_asm: "[v  ψ{κ}]  [v  κ]"
2018begin
2019AOT_act_theorem "russell-axiom":
2020  ψ{ιx φ{x}}  x(φ{x} & z(φ{z}  z = x) & ψ{x})
2021proof -
2022  AOT_have b: x (x = ιx φ{x}  (φ{x} & z(φ{z}  z = x)))
2023    using hintikka "∀I" by fast
2024  show ?thesis
2025  proof(rule "≡I"; rule "→I")
2026    AOT_assume c: ψ{ιx φ{x}}
2027    AOT_hence d: ιx φ{x}
2028      using ψ_denotes_asm by blast
2029    AOT_hence y (y = ιx φ{x})
2030      by (metis "rule=I:1" "existential:1")
2031    then AOT_obtain a where a_def: a = ιx φ{x}
2032      using "instantiation"[rotated] by blast
2033    moreover AOT_have a = ιx φ{x}  (φ{a} & z(φ{z}  z = a))
2034      using b "∀E" by blast
2035    ultimately AOT_have φ{a} & z(φ{z}  z = a)
2036      using "≡E" by blast
2037    moreover AOT_have ψ{a}
2038    proof - 
2039      AOT_have 1: xy(x = y  y = x)
2040        by (simp add: "id-eq:2" "universal-cor")
2041      AOT_have a = ιx φ{x}   ιx φ{x} = a
2042        by (rule "∀E"(1)[where τ="«ιx φ{x}»"]; rule "∀E"(2)[where β=a])
2043           (auto simp: 1 d "universal-cor")
2044      AOT_thus ψ{a}
2045        using a_def c "rule=E" "→E" by blast
2046    qed
2047    ultimately AOT_have φ{a} & z(φ{z}  z = a) & ψ{a} by (rule "&I")
2048    AOT_thus x(φ{x} & z(φ{z}  z = x) & ψ{x}) by (rule "∃I")
2049  next
2050    AOT_assume x(φ{x} & z(φ{z}  z = x) & ψ{x})
2051    then AOT_obtain b where g: φ{b} & z(φ{z}  z = b) & ψ{b}
2052      using "instantiation"[rotated] by blast
2053    AOT_hence h: b = ιx φ{x}  (φ{b} & z(φ{z}  z = b))
2054      using b "∀E" by blast
2055    AOT_have φ{b} & z(φ{z}  z = b) and j: ψ{b}
2056      using g "&E" by blast+
2057    AOT_hence b = ιx φ{x} using h "≡E" by blast
2058    AOT_thus ψ{ιx φ{x}} using j "rule=E" by blast
2059  qed
2060qed
2061end
2062
2063interpretation "russell-axiom[exe,1]": russell_axiom λ κ . «[Π]κ»
2064  by standard (metis "cqt:5:a[1]"[axiom_inst, THEN "→E"] "&E"(2))
2065interpretation "russell-axiom[exe,2,1,1]": russell_axiom λ κ . «[Π]κκ'»
2066  by standard (metis "cqt:5:a[2]"[axiom_inst, THEN "→E"] "&E")
2067interpretation "russell-axiom[exe,2,1,2]": russell_axiom λ κ . «[Π]κ'κ»
2068  by standard (metis "cqt:5:a[2]"[axiom_inst, THEN "→E"] "&E"(2))
2069interpretation "russell-axiom[exe,2,2]": russell_axiom λ κ . «[Π]κκ»
2070  by standard (metis "cqt:5:a[2]"[axiom_inst, THEN "→E"] "&E"(2))
2071interpretation "russell-axiom[exe,3,1,1]": russell_axiom λ κ . «[Π]κκ'κ''»
2072  by standard (metis "cqt:5:a[3]"[axiom_inst, THEN "→E"] "&E")
2073interpretation "russell-axiom[exe,3,1,2]": russell_axiom λ κ . «[Π]κ'κκ''»
2074  by standard (metis "cqt:5:a[3]"[axiom_inst, THEN "→E"] "&E")
2075interpretation "russell-axiom[exe,3,1,3]": russell_axiom λ κ . «[Π]κ'κ''κ»
2076  by standard (metis "cqt:5:a[3]"[axiom_inst, THEN "→E"] "&E"(2))
2077interpretation "russell-axiom[exe,3,2,1]": russell_axiom λ κ . «[Π]κκκ'»
2078  by standard (metis "cqt:5:a[3]"[axiom_inst, THEN "→E"] "&E")
2079interpretation "russell-axiom[exe,3,2,2]": russell_axiom λ κ . «[Π]κκ'κ»
2080  by standard (metis "cqt:5:a[3]"[axiom_inst, THEN "→E"] "&E"(2))
2081interpretation "russell-axiom[exe,3,2,3]": russell_axiom λ κ . «[Π]κ'κκ»
2082  by standard (metis "cqt:5:a[3]"[axiom_inst, THEN "→E"] "&E"(2))
2083interpretation "russell-axiom[exe,3,3]": russell_axiom λ κ . «[Π]κκκ»
2084  by standard (metis "cqt:5:a[3]"[axiom_inst, THEN "→E"] "&E"(2))
2085
2086interpretation "russell-axiom[enc,1]": russell_axiom λ κ . «κ[Π]»
2087  by standard (metis "cqt:5:b[1]"[axiom_inst, THEN "→E"] "&E"(2))
2088interpretation "russell-axiom[enc,2,1]": russell_axiom λ κ . «κκ'[Π]»
2089  by standard (metis "cqt:5:b[2]"[axiom_inst, THEN "→E"] "&E")
2090interpretation "russell-axiom[enc,2,2]": russell_axiom λ κ . «κ'κ[Π]»
2091  by standard (metis "cqt:5:b[2]"[axiom_inst, THEN "→E"] "&E"(2))
2092interpretation "russell-axiom[enc,2,3]": russell_axiom λ κ . «κκ[Π]»
2093  by standard (metis "cqt:5:b[2]"[axiom_inst, THEN "→E"] "&E"(2))
2094interpretation "russell-axiom[enc,3,1,1]": russell_axiom λ κ . «κκ'κ''[Π]»
2095  by standard (metis "cqt:5:b[3]"[axiom_inst, THEN "→E"] "&E")
2096interpretation "russell-axiom[enc,3,1,2]": russell_axiom λ κ . «κ'κκ''[Π]»
2097  by standard (metis "cqt:5:b[3]"[axiom_inst, THEN "→E"] "&E")
2098interpretation "russell-axiom[enc,3,1,3]": russell_axiom λ κ . «κ'κ''κ[Π]»
2099  by standard (metis "cqt:5:b[3]"[axiom_inst, THEN "→E"] "&E"(2))
2100interpretation "russell-axiom[enc,3,2,1]": russell_axiom λ κ . «κκκ'[Π]»
2101  by standard (metis "cqt:5:b[3]"[axiom_inst, THEN "→E"] "&E")
2102interpretation "russell-axiom[enc,3,2,2]": russell_axiom λ κ . «κκ'κ[Π]»
2103  by standard (metis "cqt:5:b[3]"[axiom_inst, THEN "→E"] "&E"(2))
2104interpretation "russell-axiom[enc,3,2,3]": russell_axiom λ κ . «κ'κκ[Π]»
2105  by standard (metis "cqt:5:b[3]"[axiom_inst, THEN "→E"] "&E"(2))
2106interpretation "russell-axiom[enc,3,3]": russell_axiom λ κ . «κκκ[Π]»
2107  by standard (metis "cqt:5:b[3]"[axiom_inst, THEN "→E"] "&E"(2))
2108
2109AOT_act_theorem "!-exists:1": ιx φ{x}  ∃!x φ{x}
2110proof(rule "≡I"; rule "→I")
2111  AOT_assume ιx φ{x}
2112  AOT_hence y (y = ιx φ{x}) by (metis "rule=I:1" "existential:1")
2113  then AOT_obtain a where a = ιx φ{x}
2114    using "instantiation"[rotated] by blast
2115  AOT_hence φ{a} & z (φ{z}  z = a)
2116    using hintikka "≡E" by blast
2117  AOT_hence x (φ{x} & z (φ{z}  z = x))
2118    by (rule "∃I")
2119  AOT_thus ∃!x φ{x}
2120    using "uniqueness:1"[THEN "≡dfI"] by blast
2121next
2122  AOT_assume ∃!x φ{x}
2123  AOT_hence x (φ{x} & z (φ{z}  z = x))
2124    using "uniqueness:1"[THEN "≡dfE"] by blast
2125  then AOT_obtain b where φ{b} & z (φ{z}  z = b)
2126    using "instantiation"[rotated] by blast
2127  AOT_hence b = ιx φ{x}
2128    using hintikka "≡E" by blast
2129  AOT_thus ιx φ{x}
2130    by (metis "t=t-proper:2" "vdash-properties:6")
2131qed
2132
2133AOT_act_theorem "!-exists:2": y(y=ιx φ{x})  ∃!x φ{x}
2134  using "!-exists:1" "free-thms:1" "≡E"(6) by blast
2135
2136AOT_act_theorem "y-in:1": x = ιx φ{x}  φ{x}
2137  using "&E"(1) "→I" hintikka "≡E"(1) by blast
2138
2139(* Note: generalized alphabetic variant of the last theorem *)
2140AOT_act_theorem "y-in:2": z = ιx φ{x}  φ{z} using "y-in:1".
2141
2142AOT_act_theorem "y-in:3": ιx φ{x}  φ{ιx φ{x}}
2143proof(rule "→I")
2144  AOT_assume ιx φ{x}
2145  AOT_hence y (y = ιx φ{x})
2146    by (metis "rule=I:1" "existential:1")
2147  then AOT_obtain a where a = ιx φ{x}
2148    using "instantiation"[rotated] by blast
2149  moreover AOT_have φ{a}
2150    using calculation hintikka "≡E"(1) "&E" by blast
2151  ultimately AOT_show φ{ιx φ{x}} using "rule=E" by blast
2152qed
2153
2154AOT_act_theorem "y-in:4": y (y = ιx φ{x})  φ{ιx φ{x}}
2155  using "y-in:3"[THEN "→E"] "free-thms:1"[THEN "≡E"(2)] "→I" by blast
2156
2157
2158AOT_theorem "act-quant-nec":
2159  β (𝒜φ{β}  β = α)  β(𝒜𝒜φ{β}  β = α)
2160proof(rule "≡I"; rule "→I")
2161  AOT_assume β (𝒜φ{β}  β = α)
2162  AOT_hence 𝒜φ{β}  β = α for β using "∀E" by blast
2163  AOT_hence 𝒜𝒜φ{β}  β = α for β 
2164    by (metis "Act-Basic:5" "act-conj-act:4" "≡E"(1) "≡E"(5))
2165  AOT_thus β(𝒜𝒜φ{β}  β = α)
2166    by (rule "∀I")
2167next
2168  AOT_assume β(𝒜𝒜φ{β}  β = α)
2169  AOT_hence 𝒜𝒜φ{β}  β = α for β using "∀E" by blast
2170  AOT_hence 𝒜φ{β}  β = α for β
2171    by (metis "Act-Basic:5" "act-conj-act:4" "≡E"(1) "≡E"(6))
2172  AOT_thus β (𝒜φ{β}  β = α)
2173    by (rule "∀I")
2174qed
2175
2176AOT_theorem "equi-desc-descA:1": x = ιx φ{x}  x = ιx(𝒜φ{x})
2177proof -
2178  AOT_have x = ιx φ{x}  z (𝒜φ{z}  z = x)
2179    using descriptions[axiom_inst] by blast
2180  also AOT_have ...  z (𝒜𝒜φ{z}  z = x)
2181  proof(rule "≡I"; rule "→I"; rule "∀I")
2182    AOT_assume z (𝒜φ{z}  z = x)
2183    AOT_hence 𝒜φ{a}  a = x for a
2184      using "∀E" by blast
2185    AOT_thus 𝒜𝒜φ{a}  a = x for a
2186      by (metis "Act-Basic:5" "act-conj-act:4" "≡E"(1) "≡E"(5))
2187  next
2188    AOT_assume z (𝒜𝒜φ{z}  z = x)
2189    AOT_hence 𝒜𝒜φ{a}  a = x for a
2190      using "∀E" by blast
2191    AOT_thus 𝒜φ{a}  a = x for a
2192      by (metis "Act-Basic:5" "act-conj-act:4" "≡E"(1) "≡E"(6))
2193  qed
2194  also AOT_have ...  x = ιx(𝒜φ{x})
2195    using "Commutativity of ≡"[THEN "≡E"(1)] descriptions[axiom_inst] by fast
2196  finally show ?thesis .
2197qed
2198
2199AOT_theorem "equi-desc-descA:2": ιx φ{x}  ιx φ{x} = ιx(𝒜φ{x})
2200proof(rule "→I")
2201  AOT_assume ιx φ{x}
2202  AOT_hence y (y = ιx φ{x})
2203    by (metis "rule=I:1" "existential:1")
2204  then AOT_obtain a where a = ιx φ{x}
2205    using "instantiation"[rotated] by blast
2206  moreover AOT_have a = ιx(𝒜φ{x})
2207    using calculation "equi-desc-descA:1"[THEN "≡E"(1)] by blast
2208  ultimately AOT_show ιx φ{x} = ιx(𝒜φ{x})
2209    using "rule=E" by fast
2210qed
2211
2212AOT_theorem "nec-hintikka-scheme":
2213  x = ιx φ{x}  𝒜φ{x} & z(𝒜φ{z}  z = x)
2214proof -
2215  AOT_have x = ιx φ{x}  z(𝒜φ{z}  z = x)
2216    using descriptions[axiom_inst] by blast
2217  also AOT_have   (𝒜φ{x} & z(𝒜φ{z}  z = x))
2218    using "Commutativity of ≡"[THEN "≡E"(1)] "term-out:3" by fast
2219  finally show ?thesis.
2220qed
2221
2222AOT_theorem "equiv-desc-eq:1":
2223  𝒜x(φ{x}  ψ{x})  x (x = ιx φ{x}  x = ιx ψ{x})
2224proof(rule "→I"; rule "∀I")
2225  fix β
2226  AOT_assume 𝒜x(φ{x}  ψ{x})
2227  AOT_hence 𝒜(φ{x}  ψ{x}) for x
2228    using "logic-actual-nec:3"[axiom_inst, THEN "≡E"(1)] "∀E"(2) by blast
2229  AOT_hence 0: 𝒜φ{x}  𝒜ψ{x} for x
2230    by (metis "Act-Basic:5" "≡E"(1))
2231  AOT_have β = ιx φ{x}  𝒜φ{β} & z(𝒜φ{z}  z = β)
2232    using "nec-hintikka-scheme" by blast
2233  also AOT_have ...  𝒜ψ{β} & z(𝒜ψ{z}  z = β)
2234  proof (rule "≡I"; rule "→I")
2235    AOT_assume 1: 𝒜φ{β} & z(𝒜φ{z}  z = β)
2236    AOT_hence 𝒜φ{z}  z = β for z
2237      using "&E" "∀E" by blast
2238    AOT_hence 𝒜ψ{z}  z = β for z
2239      using 0 "≡E" "→I" "→E" by metis
2240    AOT_hence z(𝒜ψ{z}  z = β)
2241      using "∀I" by fast
2242    moreover AOT_have 𝒜ψ{β}
2243      using "&E" 0[THEN "≡E"(1)] 1 by blast
2244    ultimately AOT_show 𝒜ψ{β} & z(𝒜ψ{z}  z = β)
2245      using "&I" by blast
2246  next
2247    AOT_assume 1: 𝒜ψ{β} & z(𝒜ψ{z}  z = β)
2248    AOT_hence 𝒜ψ{z}  z = β for z
2249      using "&E" "∀E" by blast
2250    AOT_hence 𝒜φ{z}  z = β for z
2251      using 0 "≡E" "→I" "→E" by metis
2252    AOT_hence z(𝒜φ{z}  z = β)
2253      using "∀I" by fast
2254    moreover AOT_have 𝒜φ{β}
2255      using "&E" 0[THEN "≡E"(2)] 1 by blast
2256    ultimately AOT_show 𝒜φ{β} & z(𝒜φ{z}  z = β)
2257      using "&I" by blast
2258  qed
2259  also AOT_have ...  β = ιx ψ{x}
2260    using "Commutativity of ≡"[THEN "≡E"(1)] "nec-hintikka-scheme" by blast
2261  finally AOT_show β = ιx φ{x}  β = ιx ψ{x} .
2262qed
2263
2264AOT_theorem "equiv-desc-eq:2":
2265  ιx φ{x} & 𝒜x(φ{x}  ψ{x})  ιx φ{x} = ιx ψ{x}
2266proof(rule "→I")
2267  AOT_assume ιx φ{x} & 𝒜x(φ{x}  ψ{x})
2268  AOT_hence 0: y (y = ιx φ{x}) and
2269            1: x (x = ιx φ{x}  x = ιx ψ{x})
2270    using "&E" "free-thms:1"[THEN "≡E"(1)] "equiv-desc-eq:1" "→E" by blast+
2271  then AOT_obtain a where a = ιx φ{x}
2272    using "instantiation"[rotated] by blast
2273  moreover AOT_have a = ιx ψ{x}
2274    using calculation 1 "∀E" "≡E"(1) by fast
2275  ultimately AOT_show ιx φ{x} = ιx ψ{x}
2276    using "rule=E" by fast
2277qed
2278
2279AOT_theorem "equiv-desc-eq:3":
2280  ιx φ{x} & x(φ{x}  ψ{x})  ιx φ{x} = ιx ψ{x}
2281  using "→I" "equiv-desc-eq:2"[THEN "→E", OF "&I"] "&E"
2282        "nec-imp-act"[THEN "→E"] by metis
2283
2284(* Note: this is a special case of "exist-nec" *)
2285AOT_theorem "equiv-desc-eq:4": ιx φ{x}  ιx φ{x}
2286proof(rule "→I")
2287  AOT_assume ιx φ{x}
2288  AOT_hence y (y = ιx φ{x})
2289    by (metis "rule=I:1" "existential:1")
2290  then AOT_obtain a where a = ιx φ{x}
2291    using "instantiation"[rotated] by blast
2292  AOT_thus ιx φ{x}
2293    using "ex:2:a" "rule=E" by fast
2294qed
2295
2296AOT_theorem "equiv-desc-eq:5": ιx φ{x}  y (y = ιx φ{x})
2297proof(rule "→I")
2298  AOT_assume ιx φ{x}
2299  AOT_hence y (y = ιx φ{x})
2300    by (metis "rule=I:1" "existential:1")
2301  then AOT_obtain a where a = ιx φ{x}
2302    using "instantiation"[rotated] by blast
2303  AOT_hence (a = ιx φ{x})
2304    by (metis "id-nec:2" "vdash-properties:10")
2305  AOT_thus y (y = ιx φ{x})
2306    by (rule "∃I")
2307qed
2308
2309AOT_act_theorem "equiv-desc-eq2:1":
2310  x (φ{x}  ψ{x})  x (x = ιx φ{x}  x = ιx ψ{x})
2311  using "→I" "logic-actual"[act_axiom_inst, THEN "→E"]
2312        "equiv-desc-eq:1"[THEN "→E"]
2313        "RA[1]" "deduction-theorem" by blast
2314
2315AOT_act_theorem "equiv-desc-eq2:2":
2316  ιx φ{x} & x (φ{x}  ψ{x})  ιx φ{x} = ιx ψ{x}
2317  using "→I" "logic-actual"[act_axiom_inst, THEN "→E"]
2318        "equiv-desc-eq:2"[THEN "→E", OF "&I"]
2319        "RA[1]" "deduction-theorem" "&E" by metis
2320
2321context russell_axiom
2322begin
2323AOT_theorem "nec-russell-axiom":
2324  ψ{ιx φ{x}}  x(𝒜φ{x} & z(𝒜φ{z}  z = x) & ψ{x})
2325proof -
2326  AOT_have b: x (x = ιx φ{x}  (𝒜φ{x} & z(𝒜φ{z}  z = x)))
2327    using "nec-hintikka-scheme" "∀I" by fast
2328  show ?thesis
2329  proof(rule "≡I"; rule "→I")
2330    AOT_assume c: ψ{ιx φ{x}}
2331    AOT_hence d: ιx φ{x}
2332      using ψ_denotes_asm by blast
2333    AOT_hence y (y = ιx φ{x})
2334      by (metis "rule=I:1" "existential:1")
2335    then AOT_obtain a where a_def: a = ιx φ{x}
2336      using "instantiation"[rotated] by blast
2337    moreover AOT_have a = ιx φ{x}  (𝒜φ{a} & z(𝒜φ{z}  z = a))
2338      using b "∀E" by blast
2339    ultimately AOT_have 𝒜φ{a} & z(𝒜φ{z}  z = a)
2340      using "≡E" by blast
2341    moreover AOT_have ψ{a}
2342    proof - 
2343      AOT_have 1: xy(x = y  y = x)
2344        by (simp add: "id-eq:2" "universal-cor")
2345      AOT_have a = ιx φ{x}   ιx φ{x} = a
2346        by (rule "∀E"(1)[where τ="«ιx φ{x}»"]; rule "∀E"(2)[where β=a])
2347           (auto simp: d "universal-cor" 1)
2348      AOT_thus ψ{a}
2349        using a_def c "rule=E" "→E" by metis
2350    qed
2351    ultimately AOT_have 𝒜φ{a} & z(𝒜φ{z}  z = a) & ψ{a}
2352      by (rule "&I")
2353    AOT_thus x(𝒜φ{x} & z(𝒜φ{z}  z = x) & ψ{x})
2354      by (rule "∃I")
2355  next
2356    AOT_assume x(𝒜φ{x} & z(𝒜φ{z}  z = x) & ψ{x})
2357    then AOT_obtain b where g: 𝒜φ{b} & z(𝒜φ{z}  z = b) & ψ{b}
2358      using "instantiation"[rotated] by blast
2359    AOT_hence h: b = ιx φ{x}  (𝒜φ{b} & z(𝒜φ{z}  z = b))
2360      using b "∀E" by blast
2361    AOT_have 𝒜φ{b} & z(𝒜φ{z}  z = b) and j: ψ{b}
2362      using g "&E" by blast+
2363    AOT_hence b = ιx φ{x}
2364      using h "≡E" by blast
2365    AOT_thus ψ{ιx φ{x}}
2366      using j "rule=E" by blast
2367  qed
2368qed
2369end
2370
2371AOT_theorem "actual-desc:1": ιx φ{x}  ∃!x 𝒜φ{x}
2372proof (rule "≡I"; rule "→I")
2373  AOT_assume ιx φ{x}
2374  AOT_hence y (y = ιx φ{x})
2375    by (metis "rule=I:1" "existential:1")
2376  then AOT_obtain a where a = ιx φ{x}
2377    using "instantiation"[rotated] by blast
2378  moreover AOT_have a = ιx φ{x}  z(𝒜φ{z}  z = a)
2379    using descriptions[axiom_inst] by blast
2380  ultimately AOT_have z(𝒜φ{z}  z = a)
2381    using "≡E" by blast
2382  AOT_hence xz(𝒜φ{z}  z = x) by (rule "∃I")
2383  AOT_thus ∃!x 𝒜φ{x}
2384    using "uniqueness:2"[THEN "≡E"(2)] by fast
2385next
2386  AOT_assume ∃!x 𝒜φ{x}
2387  AOT_hence xz(𝒜φ{z}  z = x)
2388    using "uniqueness:2"[THEN "≡E"(1)] by fast
2389  then AOT_obtain a where z(𝒜φ{z}  z = a)
2390    using "instantiation"[rotated] by blast
2391  moreover AOT_have a = ιx φ{x}  z(𝒜φ{z}  z = a)
2392    using descriptions[axiom_inst] by blast
2393  ultimately AOT_have a = ιx φ{x}
2394    using "≡E" by blast
2395  AOT_thus ιx φ{x}
2396    by (metis "t=t-proper:2" "vdash-properties:6")
2397qed
2398
2399AOT_theorem "actual-desc:2": x = ιx φ{x}  𝒜φ{x}
2400  using "&E"(1) "contraposition:1[2]" "≡E"(1) "nec-hintikka-scheme"
2401        "reductio-aa:2" "vdash-properties:9" by blast
2402
2403(* Note: generalized alphabetic variant of the last theorem *)
2404AOT_theorem "actual-desc:3": z = ιx φ{x}  𝒜φ{z}
2405  using "actual-desc:2".
2406
2407AOT_theorem "actual-desc:4": ιx φ{x}  𝒜φ{ιx φ{x}}
2408proof(rule "→I")
2409  AOT_assume ιx φ{x}
2410  AOT_hence y (y = ιx φ{x}) by (metis "rule=I:1" "existential:1")
2411  then AOT_obtain a where a = ιx φ{x} using "instantiation"[rotated] by blast
2412  AOT_thus 𝒜φ{ιx φ{x}}
2413    using "actual-desc:2" "rule=E" "→E" by fast
2414qed
2415
2416AOT_theorem "actual-desc:5": ιx φ{x} = ιx ψ{x}  𝒜x(φ{x}  ψ{x})
2417proof(rule "→I")
2418  AOT_assume 0: ιx φ{x} = ιx ψ{x}
2419  AOT_hence φ_down: ιx φ{x} and ψ_down: ιx ψ{x}
2420    using "t=t-proper:1" "t=t-proper:2" "vdash-properties:6" by blast+
2421  AOT_hence y (y = ιx φ{x}) and y (y = ιx ψ{x})
2422    by (metis "rule=I:1" "existential:1")+
2423  then AOT_obtain a and b where a_eq: a = ιx φ{x} and b_eq: b = ιx ψ{x}
2424    using "instantiation"[rotated] by metis
2425
2426  AOT_have αβ (α = β  β = α)
2427    by (rule "∀I"; rule "∀I"; rule "id-eq:2")
2428  AOT_hence β (ιx φ{x} = β  β = ιx φ{x})
2429    using "∀E" φ_down by blast
2430  AOT_hence ιx φ{x} = ιx ψ{x}  ιx ψ{x} = ιx φ{x}
2431    using "∀E" ψ_down by blast
2432  AOT_hence 1: ιx ψ{x} = ιx φ{x} using 0
2433    "→E" by blast
2434
2435  AOT_have 𝒜φ{x}  𝒜ψ{x} for x
2436  proof(rule "≡I"; rule "→I")
2437    AOT_assume 𝒜φ{x}
2438    moreover AOT_have 𝒜φ{x}  x = a for x
2439      using "nec-hintikka-scheme"[THEN "≡E"(1), OF a_eq, THEN "&E"(2)]
2440            "∀E" by blast
2441    ultimately AOT_have x = a
2442      using "→E" by blast
2443    AOT_hence x = ιx φ{x}
2444      using a_eq "rule=E" by blast
2445    AOT_hence x = ιx ψ{x}
2446      using 0 "rule=E" by blast
2447    AOT_thus 𝒜ψ{x}
2448      by (metis "actual-desc:3" "vdash-properties:6")
2449  next
2450    AOT_assume 𝒜ψ{x}
2451    moreover AOT_have 𝒜ψ{x}  x = b for x
2452      using "nec-hintikka-scheme"[THEN "≡E"(1), OF b_eq, THEN "&E"(2)]
2453            "∀E" by blast
2454    ultimately AOT_have x = b
2455      using "→E" by blast
2456    AOT_hence x = ιx ψ{x}
2457      using b_eq "rule=E" by blast
2458    AOT_hence x = ιx φ{x}
2459      using 1 "rule=E" by blast
2460    AOT_thus 𝒜φ{x}
2461      by (metis "actual-desc:3" "vdash-properties:6")
2462  qed
2463  AOT_hence 𝒜(φ{x}  ψ{x}) for x
2464    by (metis "Act-Basic:5" "≡E"(2))
2465  AOT_hence x 𝒜(φ{x}  ψ{x})
2466    by (rule "∀I")
2467  AOT_thus 𝒜x (φ{x}  ψ{x})
2468    using "logic-actual-nec:3"[axiom_inst, THEN "≡E"(2)] by fast
2469qed    
2470
2471AOT_theorem "!box-desc:1": ∃!x φ{x}  y (y = ιx φ{x}  φ{y})
2472proof(rule "→I")
2473  AOT_assume ∃!x φ{x}
2474  AOT_hence ζ: x (φ{x} & z (φ{z}  z = x))
2475    using "uniqueness:1"[THEN "≡dfE"] by blast
2476  then AOT_obtain b where θ: φ{b} & z (φ{z}  z = b)
2477    using "instantiation"[rotated] by blast
2478  AOT_show y (y = ιx φ{x}  φ{y})
2479  proof(rule GEN; rule "→I")
2480    fix y
2481    AOT_assume y = ιx φ{x}
2482    AOT_hence 𝒜φ{y} & z (𝒜φ{z}  z = y)
2483      using "nec-hintikka-scheme"[THEN "≡E"(1)] by blast
2484    AOT_hence 𝒜φ{b}  b = y
2485      using "&E" "∀E" by blast
2486    moreover AOT_have 𝒜φ{b}
2487      using θ[THEN "&E"(1)]  by (metis "nec-imp-act" "→E")
2488    ultimately AOT_have b = y
2489      using "→E" by blast
2490    moreover AOT_have φ{b}
2491      using θ[THEN "&E"(1)]  by (metis "qml:2"[axiom_inst] "→E") 
2492    ultimately AOT_show φ{y}
2493      using "rule=E" by blast
2494  qed
2495qed
2496
2497AOT_theorem "!box-desc:2":
2498  x (φ{x}  φ{x})  (∃!x φ{x}  y (y = ιx φ{x}  φ{y}))
2499proof(rule "→I"; rule "→I")
2500  AOT_assume x (φ{x}  φ{x})
2501  moreover AOT_assume ∃!x φ{x}
2502  ultimately AOT_have ∃!x φ{x}
2503    using "nec-exist-!"[THEN "→E", THEN "→E"] by blast
2504  AOT_thus y (y = ιx φ{x}  φ{y})
2505    using "!box-desc:1" "→E" by blast
2506qed
2507
2508(* Note: vacuous in the embedding. *)
2509AOT_theorem "dr-alphabetic-thm": ιν φ{ν}  ιν φ{ν} = ιμ φ{μ}
2510  by (simp add: "rule=I:1" "→I")
2511
2512subsection‹The Theory of Necessity›
2513text‹\label{PLM: 9.9}›
2514
2515AOT_theorem "RM:1[prem]":
2516  assumes Γ  φ  ψ
2517  shows Γ  φ  ψ
2518proof -
2519  AOT_have Γ  (φ  ψ)
2520    using "RN[prem]" assms by blast
2521  AOT_thus Γ  φ  ψ
2522    by (metis "qml:1"[axiom_inst] "→E")
2523qed
2524
2525AOT_theorem "RM:1":
2526  assumes  φ  ψ
2527  shows  φ  ψ
2528  using "RM:1[prem]" assms by blast
2529
2530lemmas RM = "RM:1"
2531
2532AOT_theorem "RM:2[prem]":
2533  assumes Γ  φ  ψ
2534  shows Γ  φ  ψ
2535proof -
2536  AOT_have Γ  ¬ψ  ¬φ
2537    using assms 
2538    by (simp add: "contraposition:1[1]")
2539  AOT_hence Γ  ¬ψ  ¬φ
2540    using "RM:1[prem]" by blast
2541  AOT_thus Γ  φ  ψ
2542    by (meson "≡dfE" "≡dfI" "conventions:5" "→I" "modus-tollens:1")
2543qed
2544
2545AOT_theorem "RM:2":
2546  assumes  φ  ψ
2547  shows  φ  ψ
2548  using "RM:2[prem]" assms by blast
2549
2550lemmas "RM◇" = "RM:2"
2551
2552AOT_theorem "RM:3[prem]":
2553  assumes Γ  φ  ψ
2554  shows Γ  φ  ψ
2555proof -
2556  AOT_have Γ  φ  ψ and Γ  ψ  φ
2557    using assms "≡E" "→I" by metis+
2558  AOT_hence Γ  φ  ψ and Γ  ψ  φ
2559    using "RM:1[prem]" by metis+
2560  AOT_thus Γ  φ  ψ
2561    by (simp add: "≡I")
2562qed
2563
2564AOT_theorem "RM:3":
2565  assumes  φ  ψ
2566  shows  φ  ψ
2567  using "RM:3[prem]" assms by blast
2568
2569lemmas RE = "RM:3"
2570
2571AOT_theorem "RM:4[prem]":
2572  assumes Γ  φ  ψ
2573  shows Γ  φ  ψ
2574proof -
2575  AOT_have Γ  φ  ψ and Γ  ψ  φ
2576    using assms "≡E" "→I" by metis+
2577  AOT_hence Γ  φ  ψ and Γ  ψ  φ
2578    using "RM:2[prem]" by metis+
2579  AOT_thus Γ  φ  ψ
2580    by (simp add: "≡I")
2581qed
2582
2583AOT_theorem "RM:4":
2584  assumes  φ  ψ
2585  shows  φ  ψ
2586  using "RM:4[prem]" assms by blast
2587
2588lemmas "RE◇" = "RM:4"
2589
2590AOT_theorem "KBasic:1": φ  (ψ  φ)
2591  by (simp add: RM "pl:1"[axiom_inst])
2592
2593AOT_theorem "KBasic:2": ¬φ  (φ  ψ)
2594  by (simp add: RM "useful-tautologies:3")
2595
2596AOT_theorem "KBasic:3": (φ & ψ)  (φ & ψ)
2597proof (rule "≡I"; rule "→I")
2598  AOT_assume (φ & ψ)
2599  AOT_thus φ & ψ
2600    by (meson RM "&I" "Conjunction Simplification"(1, 2) "→E")
2601next
2602  AOT_have φ  (ψ  (φ & ψ))
2603    by (simp add: "RM:1" Adjunction)
2604  AOT_hence φ  (ψ  (φ & ψ))
2605    by (metis "Hypothetical Syllogism" "qml:1"[axiom_inst])
2606  moreover AOT_assume φ & ψ
2607  ultimately AOT_show (φ & ψ)
2608    using "→E" "&E" by blast
2609qed
2610
2611AOT_theorem "KBasic:4": (φ  ψ)  ((φ  ψ) & (ψ  φ))
2612proof -
2613  AOT_have θ: ((φ  ψ) & (ψ  φ))  ((φ  ψ) & (ψ  φ))
2614    by (fact "KBasic:3")
2615  AOT_modally_strict {
2616    AOT_have (φ  ψ)  ((φ  ψ) & (ψ  φ))
2617      by (fact "conventions:3"[THEN "≡Df"])
2618  }
2619  AOT_hence ξ: (φ  ψ)  ((φ  ψ) & (ψ  φ))
2620    by (rule RE)
2621  with ξ and θ AOT_show (φ  ψ)  ((φ  ψ) & (ψ  φ))
2622    using "≡E"(5) by blast
2623qed
2624
2625AOT_theorem "KBasic:5": ((φ  ψ) & (ψ  φ))  (φ  ψ)
2626proof -
2627  AOT_have (φ  ψ)  (φ  ψ)
2628    by (fact "qml:1"[axiom_inst])
2629  moreover AOT_have (ψ  φ)  (ψ  φ)
2630    by (fact "qml:1"[axiom_inst])
2631  ultimately AOT_have ((φ  ψ) & (ψ  φ))  ((φ  ψ) & (ψ  φ))
2632    by (metis "&I" MP "Double Composition")
2633  moreover AOT_have ((φ  ψ) & (ψ  φ))  (φ  ψ)
2634    using "conventions:3"[THEN "≡dfI"] "→I" by blast
2635  ultimately AOT_show ((φ  ψ) & (ψ  φ))  (φ  ψ)
2636    by (metis "Hypothetical Syllogism")
2637qed
2638
2639AOT_theorem "KBasic:6": (φ ψ)  (φ  ψ)
2640  using "KBasic:4" "KBasic:5" "deduction-theorem" "≡E"(1) "→E" by blast
2641AOT_theorem "KBasic:7": ((φ & ψ)  (¬φ & ¬ψ))  (φ  ψ)
2642proof (rule "→I"; drule "∨E"(1); (rule "→I")?)
2643  AOT_assume φ & ψ
2644  AOT_hence φ and ψ using "&E" by blast+
2645  AOT_hence (φ  ψ) and (ψ  φ) using "KBasic:1" "→E" by blast+
2646  AOT_hence (φ  ψ) & (ψ  φ) using "&I" by blast
2647  AOT_thus (φ  ψ)  by (metis "KBasic:4" "≡E"(2))
2648next
2649  AOT_assume ¬φ & ¬ψ
2650  AOT_hence 0: (¬φ & ¬ψ) using "KBasic:3"[THEN "≡E"(2)] by blast
2651  AOT_modally_strict {
2652    AOT_have (¬φ & ¬ψ)  (φ  ψ)
2653      by (metis "&E"(1) "&E"(2) "deduction-theorem" "≡I" "reductio-aa:1")
2654  }
2655  AOT_hence (¬φ & ¬ψ)  (φ  ψ)
2656    by (rule RM)
2657  AOT_thus (φ  ψ) using 0 "→E" by blast
2658qed(auto)
2659
2660AOT_theorem "KBasic:8": (φ & ψ)  (φ  ψ)
2661  by (meson "RM:1" "&E"(1) "&E"(2) "deduction-theorem" "≡I")
2662AOT_theorem "KBasic:9": (¬φ & ¬ψ)  (φ  ψ)
2663  by (metis "RM:1" "&E"(1) "&E"(2) "deduction-theorem" "≡I" "raa-cor:4")
2664AOT_theorem "KBasic:10": φ  ¬¬φ
2665  by (simp add: "RM:3" "oth-class-taut:3:b")
2666AOT_theorem "KBasic:11": ¬φ  ¬φ
2667proof (rule "≡I"; rule "→I")
2668  AOT_show ¬φ if ¬φ
2669    using that "≡dfI" "conventions:5" "KBasic:10" "≡E"(3) by blast
2670next
2671  AOT_show ¬φ if ¬φ
2672    using "≡dfE" "conventions:5" "KBasic:10" "≡E"(4) that by blast
2673qed
2674AOT_theorem "KBasic:12": φ  ¬¬φ
2675proof (rule "≡I"; rule "→I")
2676  AOT_show ¬¬φ if φ
2677    using "¬¬I" "KBasic:11" "≡E"(3) that by blast
2678next
2679  AOT_show φ if ¬¬φ
2680  using "KBasic:11" "≡E"(1) "reductio-aa:1" that by blast
2681qed
2682AOT_theorem "KBasic:13": (φ  ψ)  (φ  ψ)
2683proof -
2684  AOT_have φ  ψ  φ  ψ by blast
2685  AOT_hence (φ  ψ)  φ  ψ
2686    using "RM:2[prem]" by blast
2687  AOT_thus (φ  ψ)  (φ  ψ) using "→I" by blast
2688qed
2689lemmas "K◇" = "KBasic:13"
2690AOT_theorem "KBasic:14": φ  ¬¬φ
2691  by (meson "RE◇" "KBasic:11" "KBasic:12" "≡E"(6) "oth-class-taut:3:a")
2692AOT_theorem "KBasic:15": (φ  ψ)  (φ  ψ)
2693proof -
2694  AOT_modally_strict {
2695    AOT_have φ  (φ  ψ) and ψ  (φ  ψ)
2696      by (auto simp: "Disjunction Addition"(1) "Disjunction Addition"(2))
2697  }
2698  AOT_hence φ  (φ  ψ) and ψ  (φ  ψ)
2699    using RM by blast+
2700  AOT_thus (φ  ψ)  (φ  ψ)
2701    by (metis "∨E"(1) "deduction-theorem")
2702qed
2703
2704AOT_theorem "KBasic:16": (φ & ψ)  (φ & ψ)
2705  by (meson "KBasic:13" "RM:1" Adjunction "Hypothetical Syllogism"
2706            Importation "→E")
2707
2708AOT_theorem "rule-sub-lem:1:a":
2709  assumes  (ψ  χ)
2710  shows  ¬ψ  ¬χ
2711  using "qml:2"[axiom_inst, THEN "→E", OF assms]
2712        "≡E"(1) "oth-class-taut:4:b" by blast
2713
2714AOT_theorem "rule-sub-lem:1:b":
2715  assumes  (ψ  χ)
2716  shows  (ψ  Θ)  (χ  Θ)
2717  using "qml:2"[axiom_inst, THEN "→E", OF assms]
2718  using "oth-class-taut:4:c" "vdash-properties:6" by blast
2719
2720AOT_theorem "rule-sub-lem:1:c":
2721  assumes  (ψ  χ)
2722  shows  (Θ  ψ)  (Θ  χ)
2723  using "qml:2"[axiom_inst, THEN "→E", OF assms]
2724  using "oth-class-taut:4:d" "vdash-properties:6" by blast
2725
2726AOT_theorem "rule-sub-lem:1:d":
2727  assumes for arbitrary α:  (ψ{α}  χ{α})
2728  shows  α ψ{α}  α χ{α}
2729proof -
2730  AOT_modally_strict {
2731    AOT_have α (ψ{α}  χ{α})
2732      using "qml:2"[axiom_inst, THEN "→E", OF assms] "∀I" by fast
2733    AOT_hence 0: ψ{α}  χ{α} for α using "∀E" by blast
2734    AOT_show α ψ{α}  α χ{α}
2735    proof (rule "≡I"; rule "→I")
2736      AOT_assume α ψ{α}
2737      AOT_hence ψ{α} for α using "∀E" by blast
2738      AOT_hence χ{α} for α using 0 "≡E" by blast
2739      AOT_thus α χ{α} by (rule "∀I")
2740    next
2741      AOT_assume α χ{α}
2742      AOT_hence χ{α} for α using "∀E" by blast
2743      AOT_hence ψ{α} for α using 0 "≡E" by blast
2744      AOT_thus α ψ{α} by (rule "∀I")
2745    qed
2746  }
2747qed
2748
2749AOT_theorem "rule-sub-lem:1:e":
2750  assumes  (ψ  χ)
2751  shows   ψ]   χ]
2752  using "qml:2"[axiom_inst, THEN "→E", OF assms]
2753  using "≡E"(1) "propositions-lemma:6" by blast
2754
2755AOT_theorem "rule-sub-lem:1:f":
2756  assumes  (ψ  χ)
2757  shows  𝒜ψ  𝒜χ
2758  using "qml:2"[axiom_inst, THEN "→E", OF assms, THEN "RA[2]"]
2759  by (metis "Act-Basic:5" "≡E"(1))
2760
2761AOT_theorem "rule-sub-lem:1:g":
2762  assumes  (ψ  χ)
2763  shows  ψ  χ
2764  using "KBasic:6" assms "vdash-properties:6" by blast
2765
2766text‹Note that instead of deriving @{text "rule-sub-lem:2"},
2767     @{text "rule-sub-lem:3"}, @{text "rule-sub-lem:4"},
2768     and @{text "rule-sub-nec"}, we construct substitution methods instead.›
2769
2770class AOT_subst =
2771  fixes AOT_subst :: "('a  𝗈)  bool"
2772    and AOT_subst_cond :: "'a  'a  bool"
2773  assumes AOT_subst:
2774    "AOT_subst φ  AOT_subst_cond ψ χ  [v  «φ ψ»  «φ χ»]"
2775
2776named_theorems AOT_substI
2777
2778instantiation 𝗈 :: AOT_subst
2779begin
2780
2781inductive AOT_subst_𝗈 where
2782  AOT_subst_𝗈_id[AOT_substI]:
2783    AOT_subst_𝗈 (λφ. φ)
2784  | AOT_subst_𝗈_const[AOT_substI]:
2785    AOT_subst_𝗈 (λφ. ψ)
2786  | AOT_subst_𝗈_not[AOT_substI]:
2787    AOT_subst_𝗈 Θ  AOT_subst_𝗈 (λ φ. «¬Θ{φ}»)
2788  | AOT_subst_𝗈_imp[AOT_substI]:
2789    AOT_subst_𝗈 Θ  AOT_subst_𝗈 Ξ  AOT_subst_𝗈 (λ φ. «Θ{φ}  Ξ{φ}»)
2790  | AOT_subst_𝗈_lambda0[AOT_substI]:
2791    AOT_subst_𝗈 Θ  AOT_subst_𝗈 (λ φ. (AOT_lambda0 (Θ φ)))
2792  | AOT_subst_𝗈_act[AOT_substI]:
2793    AOT_subst_𝗈 Θ  AOT_subst_𝗈 (λ φ. «𝒜Θ{φ}»)
2794  | AOT_subst_𝗈_box[AOT_substI]:
2795    AOT_subst_𝗈 Θ  AOT_subst_𝗈 (λ φ. «Θ{φ}»)
2796  | AOT_subst_𝗈_by_def[AOT_substI]:
2797    ( ψ . AOT_model_equiv_def (Θ ψ) (Ξ ψ)) 
2798      AOT_subst_𝗈 Ξ  AOT_subst_𝗈 Θ
2799
2800
2801definition AOT_subst_cond_𝗈 where
2802  AOT_subst_cond_𝗈  λ ψ χ .  v . [v  ψ  χ]
2803
2804instance
2805proof
2806  fix ψ χ :: 𝗈 and φ :: ‹𝗈  𝗈›
2807  assume cond: ‹AOT_subst_cond ψ χ
2808  assume ‹AOT_subst φ
2809  moreover AOT_have  ψ  χ
2810    using cond unfolding AOT_subst_cond_𝗈_def by blast
2811  ultimately AOT_show  φ{ψ}  φ{χ}
2812  proof (induct arbitrary: ψ χ)
2813    case AOT_subst_𝗈_id
2814    thus ?case
2815      using "≡E"(2) "oth-class-taut:4:b" "rule-sub-lem:1:a" by blast
2816  next
2817    case (AOT_subst_𝗈_const ψ)
2818    thus ?case
2819      by (simp add: "oth-class-taut:3:a")
2820  next
2821    case (AOT_subst_𝗈_not Θ)
2822    thus ?case
2823      by (simp add: RN "rule-sub-lem:1:a")
2824  next
2825    case (AOT_subst_𝗈_imp Θ Ξ)
2826    thus ?case
2827      by (meson RN "≡E"(5) "rule-sub-lem:1:b" "rule-sub-lem:1:c")
2828  next
2829    case (AOT_subst_𝗈_lambda0 Θ)
2830    thus ?case
2831      by (simp add: RN "rule-sub-lem:1:e")
2832  next
2833    case (AOT_subst_𝗈_act Θ)
2834    thus ?case
2835      by (simp add: RN "rule-sub-lem:1:f")
2836  next
2837    case (AOT_subst_𝗈_box Θ)
2838    thus ?case
2839      by (simp add: RN "rule-sub-lem:1:g")
2840  next
2841    case (AOT_subst_𝗈_by_def Θ Ξ)
2842    AOT_modally_strict {
2843      AOT_have Ξ{ψ}  Ξ{χ}
2844        using AOT_subst_𝗈_by_def by simp
2845      AOT_thus Θ{ψ}  Θ{χ}
2846        using "≡Df"[OF AOT_subst_𝗈_by_def(1), of _ ψ]
2847              "≡Df"[OF AOT_subst_𝗈_by_def(1), of _ χ]
2848        by (metis "≡E"(6) "oth-class-taut:3:a")
2849    }
2850  qed
2851qed
2852end
2853
2854instantiation "fun" :: (AOT_Term_id_2, AOT_subst) AOT_subst
2855begin
2856
2857definition AOT_subst_cond_fun :: ('a  'b)  ('a  'b)  bool› where
2858  AOT_subst_cond_fun  λ φ ψ .  α . AOT_subst_cond (φ (AOT_term_of_var α))
2859                                                      (ψ (AOT_term_of_var α))
2860
2861inductive AOT_subst_fun :: (('a  'b)  𝗈)  bool› where
2862  AOT_subst_fun_const[AOT_substI]:
2863    AOT_subst_fun (λφ. ψ)
2864  | AOT_subst_fun_id[AOT_substI]:
2865    ‹AOT_subst Ψ  AOT_subst_fun (λφ. Ψ (φ (AOT_term_of_var α)))
2866  | AOT_subst_fun_all[AOT_substI]:
2867    ‹AOT_subst Ψ  ( α . AOT_subst_fun (Θ (AOT_term_of_var α))) 
2868     AOT_subst_fun (λφ :: 'a  'b. Ψ «α «Θ (α::'a) φ»»)
2869  | AOT_subst_fun_not[AOT_substI]:
2870    ‹AOT_subst Ψ  AOT_subst_fun (λφ. «¬«Ψ φ»»)
2871  | AOT_subst_fun_imp[AOT_substI]:
2872    ‹AOT_subst Ψ  AOT_subst Θ  AOT_subst_fun (λφ. ««Ψ φ»  «Θ φ»»)
2873  | AOT_subst_fun_lambda0[AOT_substI]:
2874    ‹AOT_subst Θ  AOT_subst_fun (λ φ. (AOT_lambda0 (Θ φ)))
2875  | AOT_subst_fun_act[AOT_substI]:
2876    ‹AOT_subst Θ  AOT_subst_fun (λ φ. «𝒜«Θ φ»»)
2877  | AOT_subst_fun_box[AOT_substI]:
2878    ‹AOT_subst Θ  AOT_subst_fun (λ φ. ««Θ φ»»)
2879  | AOT_subst_fun_def[AOT_substI]:
2880    ( φ . AOT_model_equiv_def (Θ φ) (Ψ φ)) 
2881     AOT_subst_fun Ψ  AOT_subst_fun Θ
2882
2883instance proof
2884  fix ψ χ :: 'a  'b and φ :: ('a  'b)  𝗈›
2885  assume ‹AOT_subst φ
2886  moreover assume cond: ‹AOT_subst_cond ψ χ
2887  ultimately AOT_show  «φ ψ»  «φ χ»
2888  proof(induct)
2889    case (AOT_subst_fun_const ψ)
2890    then show ?case by (simp add: "oth-class-taut:3:a")
2891  next
2892  case (AOT_subst_fun_id Ψ x)
2893  then show ?case by (simp add: AOT_subst AOT_subst_cond_fun_def) 
2894  next
2895  next
2896  case (AOT_subst_fun_all Ψ Θ)
2897  AOT_have  (Θ{α, «ψ»}  Θ{α, «χ»}) for α
2898    using AOT_subst_fun_all.hyps(3) AOT_subst_fun_all.prems RN by presburger
2899  thus ?case using AOT_subst[OF AOT_subst_fun_all(1)]
2900    by (simp add: RN "rule-sub-lem:1:d"
2901                  AOT_subst_cond_fun_def AOT_subst_cond_𝗈_def)
2902  next
2903  case (AOT_subst_fun_not Ψ)
2904  then show ?case by (simp add: RN "rule-sub-lem:1:a")
2905  next
2906  case (AOT_subst_fun_imp Ψ Θ)
2907  then show ?case 
2908    unfolding AOT_subst_cond_fun_def AOT_subst_cond_𝗈_def
2909    by (meson "≡E"(5) "oth-class-taut:4:c" "oth-class-taut:4:d" "→E")
2910  next
2911  case (AOT_subst_fun_lambda0 Θ)
2912  then show ?case by (simp add: RN "rule-sub-lem:1:e")
2913  next
2914  case (AOT_subst_fun_act Θ)
2915  then show ?case by (simp add: RN "rule-sub-lem:1:f")
2916  next
2917  case (AOT_subst_fun_box Θ)
2918  then show ?case by (simp add: RN "rule-sub-lem:1:g")
2919  next
2920  case (AOT_subst_fun_def Θ Ψ)
2921  then show ?case
2922    by (meson "df-rules-formulas[3]" "df-rules-formulas[4]" "≡I" "≡E"(5))
2923  qed
2924qed
2925end
2926
2927ML2928fun prove_AOT_subst_tac ctxt = REPEAT (SUBGOAL (fn (trm,_) => let
2929  fun findHeadConst (Const x) = SOME x
2930    | findHeadConst (A $ _) = findHeadConst A
2931    | findHeadConst _ = NONE
2932  fun findDef (Const (const_name‹AOT_model_equiv_def›, _) $ lhs $ _)
2933      = findHeadConst lhs
2934    | findDef (A $ B) = (case findDef A of SOME x => SOME x | _ => findDef B)
2935    | findDef (Abs (_,_,c)) = findDef c
2936    | findDef _ = NONE
2937  val const_opt = (findDef trm)
2938  val defs = case const_opt of SOME const => List.filter (fn thm => let
2939      val concl = Thm.concl_of thm
2940      val thmconst = (findDef concl)
2941      in case thmconst of SOME (c,_) => fst const = c | _ => false end)
2942      (AOT_Definitions.get ctxt)
2943      | _ => []
2944  val tac = case defs of
2945            [] => safe_step_tac (ctxt addSIs @{thms AOT_substI}) 1
2946            | _ => resolve_tac ctxt defs 1
2947  in tac end) 1)
2948fun getSubstThm ctxt reversed phi p q = let
2949val p_ty = Term.type_of p
2950val abs = HOLogic.mk_Trueprop (@{const AOT_subst(_)} $ phi)
2951val abs = Syntax.check_term ctxt abs
2952val substThm = Goal.prove ctxt [] [] abs
2953  (fn {context=ctxt, prems=_} => prove_AOT_subst_tac ctxt)
2954val substThm = substThm RS @{thm AOT_subst}
2955fun TVars_make x = x (* Next Isabelle release: = TVars.make x *)
2956val TVars_empty = [] (* Next Isabelle release: = TVars.empty *)
2957fun Vars_make x = x (* Next Isabelle release: = Vars.make x *)
2958val Vars_empty = [] (* Next Isabelle release: = Vars.empty *)
2959in if reversed then let
2960  val substThm = Drule.instantiate_normalize
2961          (TVars_empty,Vars_make [((("χ", 0), p_ty), Thm.cterm_of ctxt p),
2962          ((("ψ", 0), p_ty), Thm.cterm_of ctxt q)]) substThm
2963  val substThm = substThm RS @{thm "≡E"(1)}
2964  in substThm end
2965else
2966  let
2967  val substThm = Drule.instantiate_normalize
2968          (TVars_empty,Vars_make [((("ψ", 0), p_ty), Thm.cterm_of ctxt p),
2969          ((("χ", 0), p_ty), Thm.cterm_of ctxt q)]) substThm
2970  val substThm = substThm RS @{thm "≡E"(2)}
2971  in substThm end end
2972
2973
2974method_setup AOT_subst = 2975Scan.option (Scan.lift (Args.parens (Args.$$$ "reverse"))) --
2976Scan.lift (Args.embedded_inner_syntax -- Args.embedded_inner_syntax) --
2977Scan.option (Scan.lift (Args.$$$ "for" -- Args.colon) |--
2978Scan.repeat1 (Scan.lift (Args.embedded_inner_syntax) --
2979Scan.option (Scan.lift (Args.$$$ "::" |-- Args.embedded_inner_syntax))))
2980>> (fn ((reversed,(raw_p,raw_q)),raw_bounds) => (fn ctxt =>
2981(Method.SIMPLE_METHOD (Subgoal.FOCUS (fn {context = ctxt, params = _,
2982  prems = prems, asms = asms, concl = concl, schematics = _} =>
2983let
2984val thms = prems
2985val ctxt' = ctxt
2986val ctxt = Context_Position.set_visible false ctxt
2987val raw_bounds = case raw_bounds of SOME bounds => bounds | _ => []
2988
2989val ctxt = (fold (fn (bound, ty) => fn ctxt =>
2990  let
2991    val bound = AOT_read_term @{nonterminal τ'} ctxt bound
2992    val ty = Option.map (Syntax.read_typ ctxt) ty
2993    val ctxt = case ty of SOME ty => let
2994        val bound = Const ("_type_constraint_", Type ("fun", [ty,ty])) $ bound
2995        val bound = Syntax.check_term ctxt bound
2996      in Variable.declare_term bound ctxt end | _ => ctxt
2997  in ctxt end)) raw_bounds ctxt
2998
2999val p = AOT_read_term @{nonterminal φ'} ctxt raw_p
3000val p = Syntax.check_term ctxt p
3001val ctxt = Variable.declare_term p ctxt
3002val q = AOT_read_term @{nonterminal φ'} ctxt raw_q
3003val q = Syntax.check_term ctxt q
3004val ctxt = Variable.declare_term q ctxt
3005
3006val bounds = (map (fn (bound, _) =>
3007  Syntax.check_term ctxt (AOT_read_term @{nonterminal τ'} ctxt bound)
3008)) raw_bounds
3009val p = fold (fn bound => fn p =>
3010  Term.abs ("α", Term.type_of bound) (Term.abstract_over (bound,p)))
3011  bounds p
3012val p = Syntax.check_term ctxt p
3013val p_ty = Term.type_of p
3014
3015val pat = @{const Trueprop} $
3016  (@{const AOT_model_valid_in} $ Var (("w",0), @{typ w}) $
3017   (Var (("φ",0), Type (type_name‹fun›, [p_ty, @{typ 𝗈}])) $ p))
3018val univ = Unify.matchers (Context.Proof ctxt) [(pat, Thm.term_of concl)]
3019val univ = hd (Seq.list_of univ) (* TODO: consider all matches *)
3020val phi = the (Envir.lookup univ
3021  (("φ",0), Type (type_name‹fun›, [p_ty, @{typ 𝗈}])))
3022
3023val q = fold (fn bound => fn q =>
3024  Term.abs ("α", Term.type_of bound) (Term.abstract_over (bound,q))) bounds q
3025val q = Syntax.check_term ctxt q
3026
3027(* Reparse to report bounds as fixes. *)
3028val ctxt = Context_Position.restore_visible ctxt' ctxt
3029val ctxt' = ctxt
3030fun unsource str = fst (Input.source_content (Syntax.read_input str))
3031val (_,ctxt') = Proof_Context.add_fixes (map (fn (str,_) =>
3032  (Binding.make (unsource str, Position.none), NONE, Mixfix.NoSyn)) raw_bounds)
3033  ctxt'
3034val _ = (map (fn (x,_) =>
3035  Syntax.check_term ctxt (AOT_read_term @{nonterminal τ'} ctxt' x)))
3036  raw_bounds
3037val _ = AOT_read_term @{nonterminal φ'} ctxt' raw_p
3038val _ = AOT_read_term @{nonterminal φ'} ctxt' raw_q
3039val reversed = case reversed of SOME _ => true | _ => false
3040val simpThms = [@{thm AOT_subst_cond_𝗈_def}, @{thm AOT_subst_cond_fun_def}]
3041in
3042resolve_tac ctxt [getSubstThm ctxt reversed phi p q] 1
3043THEN simp_tac (ctxt addsimps simpThms) 1
3044THEN (REPEAT (resolve_tac ctxt [@{thm allI}] 1))
3045THEN (TRY (resolve_tac ctxt thms 1))
3046end
3047) ctxt 1))))
3048
3049
3050method_setup AOT_subst_def = 3051Scan.option (Scan.lift (Args.parens (Args.$$$ "reverse"))) --
3052Attrib.thm
3053>> (fn (reversed,fact) => (fn ctxt =>
3054(Method.SIMPLE_METHOD (Subgoal.FOCUS (fn {context = ctxt, params = _,
3055  prems = prems, asms = asms, concl = concl, schematics = _} =>
3056let
3057val c = Thm.concl_of fact
3058val (lhs, rhs) = case c of (const‹Trueprop› $
3059    (const‹AOT_model_equiv_def› $ lhs $ rhs)) => (lhs, rhs)
3060  | _ => raise Fail "Definition expected."
3061val substCond = HOLogic.mk_Trueprop
3062  (Const (const_name‹AOT_subst_cond›, dummyT) $ lhs $ rhs)
3063val substCond = Syntax.check_term
3064  (Proof_Context.set_mode Proof_Context.mode_schematic ctxt)
3065  substCond
3066val simpThms = [@{thm AOT_subst_cond_𝗈_def},
3067  @{thm AOT_subst_cond_fun_def},
3068  fact RS @{thm "≡Df"}]
3069val substCondThm = Goal.prove ctxt [] [] substCond
3070  (fn {context=ctxt, prems=prems} =>
3071      (SUBGOAL (fn (trm,int) =>
3072        auto_tac (ctxt addsimps simpThms)) 1))
3073val substThm = substCondThm RSN (2,@{thm AOT_subst})
3074in
3075resolve_tac ctxt [substThm RS
3076  (case reversed of NONE => @{thm "≡E"(2)} | _ => @{thm "≡E"(1)})] 1
3077THEN prove_AOT_subst_tac ctxt
3078THEN (TRY (resolve_tac ctxt prems 1))
3079end
3080) ctxt 1))))
3081
3082
3083method_setup AOT_subst_thm = 3084Scan.option (Scan.lift (Args.parens (Args.$$$ "reverse"))) --
3085Attrib.thm
3086>> (fn (reversed,fact) => (fn ctxt =>
3087(Method.SIMPLE_METHOD (Subgoal.FOCUS (fn {context = ctxt, params = _,
3088  prems = prems, asms = asms, concl = concl, schematics = _} =>
3089let
3090val c = Thm.concl_of fact
3091val (lhs, rhs) = case c of
3092  (const‹Trueprop› $
3093   (const‹AOT_model_valid_in› $ _ $
3094    (const‹AOT_equiv› $ lhs $ rhs))) => (lhs, rhs)
3095  | _ => raise Fail "Equivalence expected."
3096
3097val substCond = HOLogic.mk_Trueprop
3098  (Const (const_name‹AOT_subst_cond›, dummyT) $ lhs $ rhs)
3099val substCond = Syntax.check_term
3100  (Proof_Context.set_mode Proof_Context.mode_schematic ctxt)
3101  substCond
3102val simpThms = [@{thm AOT_subst_cond_𝗈_def},
3103  @{thm AOT_subst_cond_fun_def},
3104  fact]
3105val substCondThm = Goal.prove ctxt [] [] substCond
3106  (fn {context=ctxt, prems=prems} =>
3107      (SUBGOAL (fn (trm,int) => auto_tac (ctxt addsimps simpThms)) 1))
3108val substThm = substCondThm RSN (2,@{thm AOT_subst})
3109in
3110resolve_tac ctxt [substThm RS
3111  (case reversed of NONE => @{thm "≡E"(2)} | _ => @{thm "≡E"(1)})] 1
3112THEN prove_AOT_subst_tac ctxt
3113THEN (TRY (resolve_tac ctxt prems 1))
3114end
3115) ctxt 1))))
3116
3117
3118AOT_theorem "rule-sub-remark:1[1]":
3119  assumes  A!x  ¬E!x and ¬A!x
3120  shows ¬¬E!x
3121  by (AOT_subst (reverse) ¬E!x A!x)
3122     (auto simp: assms) 
3123
3124AOT_theorem "rule-sub-remark:1[2]":
3125  assumes  A!x  ¬E!x and  ¬¬E!x
3126  shows ¬A!x
3127  by (AOT_subst A!x ¬E!x)
3128     (auto simp: assms)
3129
3130AOT_theorem "rule-sub-remark:2[1]":
3131  assumes  [R]xy  ([R]xy & ([Q]a  ¬[Q]a))
3132      and p  [R]xy
3133  shows p  [R]xy & ([Q]a  ¬[Q]a)
3134  by (AOT_subst_thm (reverse) assms(1)) (simp add: assms(2))
3135
3136AOT_theorem "rule-sub-remark:2[2]":
3137  assumes  [R]xy  ([R]xy & ([Q]a  ¬[Q]a))
3138      and p  [R]xy & ([Q]a  ¬[Q]a)
3139  shows p  [R]xy
3140  by (AOT_subst_thm assms(1)) (simp add: assms(2))
3141
3142AOT_theorem "rule-sub-remark:3[1]":
3143  assumes for arbitrary x:  A!x  ¬E!x
3144      and x A!x
3145    shows x ¬E!x
3146  by (AOT_subst (reverse) ¬E!x A!x for: x)
3147     (auto simp: assms)
3148
3149AOT_theorem "rule-sub-remark:3[2]":
3150  assumes for arbitrary x:  A!x  ¬E!x
3151      and x ¬E!x
3152    shows x A!x
3153  by (AOT_subst A!x ¬E!x for: x)
3154     (auto simp: assms)
3155
3156AOT_theorem "rule-sub-remark:4[1]":
3157  assumes  ¬¬[P]x  [P]x and 𝒜¬¬[P]x
3158  shows 𝒜[P]x
3159  by (AOT_subst_thm (reverse) assms(1)) (simp add: assms(2))
3160
3161AOT_theorem "rule-sub-remark:4[2]":
3162  assumes  ¬¬[P]x  [P]x and 𝒜[P]x
3163  shows 𝒜¬¬[P]x
3164  by (AOT_subst_thm assms(1)) (simp add: assms(2))
3165
3166AOT_theorem "rule-sub-remark:5[1]":
3167  assumes  (φ  ψ)  (¬ψ  ¬φ) and (φ  ψ)
3168  shows (¬ψ  ¬φ)
3169  by (AOT_subst_thm (reverse) assms(1)) (simp add: assms(2))
3170
3171AOT_theorem "rule-sub-remark:5[2]":
3172  assumes  (φ  ψ)  (¬ψ  ¬φ) and (¬ψ  ¬φ)
3173  shows (φ  ψ) 
3174  by (AOT_subst_thm assms(1)) (simp add: assms(2))
3175
3176AOT_theorem "rule-sub-remark:6[1]":
3177  assumes  ψ  χ and (φ  ψ)
3178  shows (φ  χ) 
3179  by (AOT_subst_thm (reverse) assms(1)) (simp add: assms(2))
3180
3181AOT_theorem "rule-sub-remark:6[2]":
3182  assumes  ψ  χ and (φ  χ)
3183  shows (φ  ψ)
3184  by (AOT_subst_thm assms(1)) (simp add: assms(2))
3185
3186AOT_theorem "rule-sub-remark:7[1]":
3187  assumes  φ  ¬¬φ and (φ  φ)
3188  shows (¬¬φ  φ) 
3189  by (AOT_subst_thm (reverse) assms(1)) (simp add: assms(2))
3190
3191AOT_theorem "rule-sub-remark:7[2]":
3192  assumes  φ  ¬¬φ and (¬¬φ  φ)
3193  shows (φ  φ)
3194  by (AOT_subst_thm assms(1)) (simp add: assms(2))
3195
3196AOT_theorem "KBasic2:1": ¬φ  ¬φ
3197  by (meson "conventions:5" "contraposition:2"
3198            "Hypothetical Syllogism" "df-rules-formulas[3]"
3199            "df-rules-formulas[4]" "≡I" "useful-tautologies:1")
3200
3201AOT_theorem "KBasic2:2": (φ  ψ)  (φ  ψ)
3202proof -
3203  AOT_have (φ  ψ)  ¬(¬φ & ¬ψ)
3204    by (simp add: "RE◇" "oth-class-taut:5:b")
3205  also AOT_have   ¬(¬φ & ¬ψ)
3206    using "KBasic:11" "≡E"(6) "oth-class-taut:3:a" by blast
3207  also AOT_have   ¬(¬φ & ¬ψ)
3208    using "KBasic:3" "≡E"(1) "oth-class-taut:4:b" by blast
3209  also AOT_have   ¬(¬φ & ¬ψ)
3210    using "KBasic2:1"
3211    by (AOT_subst ¬φ ¬φ; AOT_subst ¬ψ ¬ψ;
3212        auto simp: "oth-class-taut:3:a")
3213  also AOT_have   ¬¬(φ  ψ)
3214    using "≡E"(6) "oth-class-taut:3:b" "oth-class-taut:5:b" by blast
3215  also AOT_have   φ  ψ
3216    by (simp add: "≡I" "useful-tautologies:1" "useful-tautologies:2")
3217  finally show ?thesis .
3218qed
3219
3220AOT_theorem "KBasic2:3": (φ & ψ)  (φ & ψ)
3221  by (metis "RM◇" "&I" "Conjunction Simplification"(1,2)
3222            "→I" "modus-tollens:1" "reductio-aa:1")
3223
3224AOT_theorem "KBasic2:4": (φ  ψ)  (φ  ψ)
3225proof -
3226  AOT_have (φ  ψ)  (¬φ  ψ)
3227    by (AOT_subst φ  ψ ¬φ  ψ)
3228       (auto simp: "oth-class-taut:1:c" "oth-class-taut:3:a")
3229  also AOT_have ...  ¬φ  ψ
3230    by (simp add: "KBasic2:2")
3231  also AOT_have ...  ¬φ  ψ
3232    by (AOT_subst ¬φ ¬φ)
3233       (auto simp: "KBasic:11" "oth-class-taut:3:a")
3234  also AOT_have ...  φ  ψ
3235    using "≡E"(6) "oth-class-taut:1:c" "oth-class-taut:3:a" by blast
3236  finally show ?thesis .
3237qed
3238
3239AOT_theorem "KBasic2:5": φ  ¬¬φ
3240  using "conventions:5"[THEN "≡Df"]
3241  by (AOT_subst φ ¬¬φ;
3242      AOT_subst ¬¬φ ¬¬¬¬φ;
3243      AOT_subst (reverse) ¬¬¬φ ¬φ)
3244     (auto simp: "oth-class-taut:3:b" "oth-class-taut:3:a")
3245
3246
3247AOT_theorem "KBasic2:6": (φ  ψ)  (φ  ψ)
3248proof(rule "→I"; rule "raa-cor:1")
3249  AOT_assume (φ  ψ)
3250  AOT_hence (¬φ  ψ)
3251    using "conventions:2"[THEN "≡Df"]
3252    by (AOT_subst (reverse) ¬φ  ψ φ  ψ) simp
3253  AOT_hence 1: ¬φ  ψ
3254    using "KBasic:13" "vdash-properties:10" by blast
3255  AOT_assume ¬(φ  ψ)
3256  AOT_hence ¬φ and ¬ψ
3257    using "&E" "≡E"(1) "oth-class-taut:5:d" by blast+
3258  AOT_thus ψ & ¬ψ
3259    using "&I"(1) 1[THEN "→E"] "KBasic:11" "≡E"(4) "raa-cor:3" by blast
3260qed
3261
3262AOT_theorem "KBasic2:7": ((φ  ψ) & ¬φ)  ψ
3263proof(rule "→I"; frule "&E"(1); drule "&E"(2))
3264  AOT_assume (φ  ψ)
3265  AOT_hence 1: φ  ψ
3266    using "KBasic2:6" "∨I"(2) "∨E"(1) by blast
3267  AOT_assume ¬φ
3268  AOT_hence ¬φ using "KBasic:11" "≡E"(2) by blast
3269  AOT_thus ψ using 1 "∨E"(2) by blast
3270qed
3271
3272AOT_theorem "T-S5-fund:1": φ  φ
3273  by (meson "≡dfI" "conventions:5" "contraposition:2"
3274            "Hypothetical Syllogism" "→I" "qml:2"[axiom_inst])
3275lemmas "T◇" = "T-S5-fund:1"
3276
3277AOT_theorem "T-S5-fund:2": φ  φ
3278proof(rule "→I")
3279  AOT_assume φ
3280  AOT_hence ¬¬φ
3281    using "KBasic:14" "≡E"(4) "raa-cor:3" by blast
3282  moreover AOT_have ¬φ  ¬φ
3283    by (fact "qml:3"[axiom_inst])
3284  ultimately AOT_have ¬¬φ
3285    using "modus-tollens:1" by blast
3286  AOT_thus φ using "KBasic:12" "≡E"(2) by blast
3287qed
3288lemmas "5◇" = "T-S5-fund:2"
3289
3290AOT_theorem "Act-Sub:1": 𝒜φ  ¬𝒜¬φ
3291  by (AOT_subst 𝒜¬φ ¬𝒜φ)
3292     (auto simp: "logic-actual-nec:1"[axiom_inst] "oth-class-taut:3:b")
3293
3294AOT_theorem "Act-Sub:2": φ  𝒜φ
3295  using "conventions:5"[THEN "≡Df"]
3296  by (AOT_subst φ ¬¬φ)
3297     (metis "deduction-theorem" "≡I" "≡E"(1) "≡E"(2) "≡E"(3)
3298            "logic-actual-nec:1"[axiom_inst] "qml-act:2"[axiom_inst])
3299
3300AOT_theorem "Act-Sub:3": 𝒜φ  φ
3301  using "conventions:5"[THEN "≡Df"]
3302  by (AOT_subst φ ¬¬φ)
3303     (metis "Act-Sub:1" "→I" "≡E"(4) "nec-imp-act" "reductio-aa:2" "→E")
3304
3305AOT_theorem "Act-Sub:4": 𝒜φ  𝒜φ
3306proof (rule "≡I"; rule "→I")
3307  AOT_assume 𝒜φ
3308  AOT_thus 𝒜φ using "T◇" "vdash-properties:10" by blast
3309next
3310  AOT_assume 𝒜φ
3311  AOT_hence ¬¬𝒜φ
3312    using "≡dfE" "conventions:5" by blast
3313  AOT_hence ¬𝒜¬φ
3314    by (AOT_subst 𝒜¬φ ¬𝒜φ)
3315       (simp add: "logic-actual-nec:1"[axiom_inst])
3316  AOT_thus 𝒜φ
3317    using "Act-Basic:1" "Act-Basic:6" "∨E"(3) "≡E"(4)
3318          "reductio-aa:1" by blast
3319qed
3320
3321AOT_theorem "Act-Sub:5": 𝒜φ  𝒜φ
3322  by (metis "Act-Sub:2" "Act-Sub:3" "Act-Sub:4" "→I" "≡E"(1) "≡E"(2) "→E")
3323
3324AOT_theorem "S5Basic:1": φ  φ
3325  by (simp add: "≡I" "qml:2"[axiom_inst] "qml:3"[axiom_inst])
3326
3327AOT_theorem "S5Basic:2": φ  φ
3328  by (simp add: "T◇" "5◇" "≡I")
3329
3330AOT_theorem "S5Basic:3": φ  φ
3331  using "T◇" "Hypothetical Syllogism" "qml:3"[axiom_inst] by blast
3332lemmas "B" = "S5Basic:3"
3333
3334AOT_theorem "S5Basic:4": φ  φ
3335  using "5◇" "Hypothetical Syllogism" "qml:2"[axiom_inst] by blast
3336lemmas "B◇" = "S5Basic:4"
3337
3338AOT_theorem "S5Basic:5": φ  φ
3339  using "RM:1" "B" "5◇" "Hypothetical Syllogism" by blast
3340lemmas "4" = "S5Basic:5"
3341
3342AOT_theorem "S5Basic:6": φ  φ
3343  by (simp add: "4" "≡I" "qml:2"[axiom_inst])
3344
3345AOT_theorem "S5Basic:7": φ  φ
3346  using "conventions:5"[THEN "≡Df"] "oth-class-taut:3:b"
3347  by (AOT_subst φ ¬¬φ;
3348      AOT_subst φ ¬¬φ;
3349      AOT_subst (reverse) ¬¬¬φ ¬φ;
3350      AOT_subst (reverse) ¬φ ¬φ)
3351     (auto simp: "S5Basic:6" "if-p-then-p")
3352
3353lemmas "4◇" = "S5Basic:7"
3354
3355AOT_theorem "S5Basic:8": φ  φ
3356  by (simp add: "4◇" "T◇" "≡I")
3357
3358AOT_theorem "S5Basic:9": (φ  ψ)  (φ  ψ)
3359  apply (rule "≡I"; rule "→I")
3360  using "KBasic2:6" "5◇" "∨I"(3) "if-p-then-p" "vdash-properties:10"
3361   apply blast
3362  by (meson "KBasic:15" "4" "∨I"(3) "∨E"(1) "Disjunction Addition"(1)
3363            "con-dis-taut:7" "intro-elim:1" "Commutativity of ∨")
3364
3365AOT_theorem "S5Basic:10": (φ  ψ)  (φ  ψ)
3366(* Note: nicely this proof is entirely sledgehammer generated *)
3367proof(rule "≡I"; rule "→I")
3368  AOT_assume (φ  ψ)
3369  AOT_hence φ  ψ
3370    by (meson "KBasic2:6" "∨I"(2) "∨E"(1))
3371  AOT_thus φ  ψ
3372    by (meson "B◇" "4" "4◇" "T◇" "∨I"(3))
3373next
3374  AOT_assume φ  ψ
3375  AOT_hence φ  ψ
3376    by (meson "S5Basic:1" "B◇" "S5Basic:6" "T◇" "5◇" "∨I"(3) "intro-elim:1")
3377  AOT_thus (φ  ψ)
3378    by (meson "KBasic:15" "∨I"(3) "∨E"(1) "Disjunction Addition"(1,2))
3379qed
3380
3381AOT_theorem "S5Basic:11": (φ & ψ)  (φ & ψ)
3382proof -
3383  AOT_have (φ & ψ)  ¬(¬φ  ¬ψ)
3384    by (AOT_subst φ & ψ ¬(¬φ  ¬ψ))
3385       (auto simp: "oth-class-taut:5:a" "oth-class-taut:3:a")
3386  also AOT_have   ¬(¬φ  ¬ψ)
3387    by (AOT_subst ¬ψ ¬ψ)
3388       (auto simp: "KBasic2:1" "oth-class-taut:3:a")
3389  also AOT_have   ¬(¬φ  ¬ψ)
3390    using "KBasic:11" "≡E"(6) "oth-class-taut:3:a" by blast
3391  also AOT_have   ¬(¬φ  ¬ψ)
3392    using "S5Basic:9" "≡E"(1) "oth-class-taut:4:b" by blast
3393  also AOT_have   ¬(¬φ  ¬ψ)
3394    using "KBasic2:1"
3395    by (AOT_subst ¬φ ¬φ; AOT_subst ¬ψ ¬ψ)
3396       (auto simp:  "oth-class-taut:3:a")
3397  also AOT_have   φ & ψ
3398    using "≡E"(6) "oth-class-taut:3:a" "oth-class-taut:5:a" by blast
3399  finally show ?thesis .
3400qed
3401
3402AOT_theorem "S5Basic:12": (φ & ψ)  (φ & ψ)
3403proof (rule "≡I"; rule "→I")
3404  AOT_assume (φ & ψ)
3405  AOT_hence φ & ψ
3406    using "KBasic2:3" "vdash-properties:6" by blast
3407  AOT_thus φ & ψ
3408    using "5◇" "&I" "&E"(1) "&E"(2) "vdash-properties:6" by blast
3409next
3410  AOT_assume φ & ψ
3411  moreover AOT_have (ψ & φ)  (φ & ψ)
3412    by (AOT_subst φ & ψ ψ & φ)
3413       (auto simp: "Commutativity of &" "KBasic:16")
3414  ultimately AOT_show (φ & ψ)
3415    by (metis "4" "&I" "Conjunction Simplification"(1,2) "→E")
3416qed
3417
3418AOT_theorem "S5Basic:13": (φ  ψ)  (φ  ψ)
3419proof (rule "≡I")
3420  AOT_modally_strict {
3421    AOT_have (φ  ψ)  (φ  ψ)
3422      by (meson "KBasic:13" "B◇" "Hypothetical Syllogism" "→I")
3423  }
3424  AOT_hence (φ  ψ)  (φ  ψ)
3425    by (rule RM)
3426  AOT_thus  (φ  ψ)  (φ  ψ)
3427    using "4" "Hypothetical Syllogism" by blast
3428next
3429  AOT_modally_strict {
3430    AOT_have (φ  ψ)  (φ  ψ)
3431      by (meson "B" "Hypothetical Syllogism" "→I" "qml:1"[axiom_inst])
3432  }
3433  AOT_hence  (φ  ψ)  (φ  ψ)
3434    by (rule RM)
3435  AOT_thus (φ  ψ)  (φ  ψ)
3436    using "4" "Hypothetical Syllogism" by blast
3437qed
3438
3439AOT_theorem "derived-S5-rules:1":
3440  assumes Γ  φ  ψ
3441  shows Γ  φ  ψ
3442proof -
3443  AOT_have Γ  φ  ψ
3444    using assms by (rule "RM:1[prem]")
3445  AOT_thus Γ  φ  ψ
3446    using "B" "Hypothetical Syllogism" by blast
3447qed
3448
3449AOT_theorem "derived-S5-rules:2":
3450  assumes Γ  φ  ψ
3451  shows Γ  φ  ψ
3452proof -
3453  AOT_have Γ  φ  ψ
3454    using assms by (rule "RM:2[prem]")
3455  AOT_thus Γ  φ  ψ
3456    using "B◇" "Hypothetical Syllogism" by blast
3457qed
3458
3459AOT_theorem "BFs:1": α φ{α}  α φ{α}
3460proof -
3461  AOT_modally_strict {
3462    AOT_have α φ{α}  φ{α} for α
3463      using "cqt-orig:3" by (rule "RM◇")
3464    AOT_hence α φ{α}  α φ{α}
3465      using "B◇" "∀I" "→E" "→I" by metis
3466  }
3467  thus ?thesis
3468    using "derived-S5-rules:1" by blast
3469qed
3470lemmas "BF" = "BFs:1"
3471
3472AOT_theorem "BFs:2": α φ{α}  α φ{α}
3473proof -
3474  AOT_have α φ{α}  φ{α} for α
3475    using RM "cqt-orig:3" by metis
3476  thus ?thesis
3477    using "cqt-orig:2"[THEN "→E"] "∀I" by metis
3478qed
3479lemmas "CBF" = "BFs:2"
3480
3481AOT_theorem "BFs:3": α φ{α}  α φ{α}
3482proof(rule "→I")
3483  AOT_modally_strict {
3484    AOT_have α ¬φ{α}  α ¬φ{α}
3485      using BF CBF "≡I" by blast
3486  } note θ = this
3487
3488  AOT_assume α φ{α}
3489  AOT_hence ¬¬(α φ{α})
3490    using "≡dfE" "conventions:5" by blast
3491  AOT_hence ¬α ¬φ{α}
3492    apply (AOT_subst α ¬φ{α} ¬(α φ{α}))
3493    using "≡dfI" "conventions:3" "conventions:4" "&I"
3494          "contraposition:2" "cqt-further:4"
3495          "df-rules-formulas[3]" by blast
3496  AOT_hence ¬α ¬φ{α}
3497    apply (AOT_subst (reverse) α ¬φ{α} α ¬φ{α})
3498    using θ by blast
3499  AOT_hence ¬α ¬¬¬φ{α}
3500    by (AOT_subst (reverse) ¬¬¬φ{α} ¬φ{α} for: α)
3501       (simp add: "oth-class-taut:3:b")
3502  AOT_hence α ¬¬φ{α}
3503    by (rule "conventions:4"[THEN "≡dfI"])
3504  AOT_thus α φ{α}
3505    using "conventions:5"[THEN "≡Df"]
3506    by (AOT_subst φ{α} ¬¬φ{α} for: α)
3507qed
3508lemmas "BF◇" = "BFs:3"
3509
3510AOT_theorem "BFs:4": α φ{α}  α φ{α}
3511proof(rule "→I")
3512  AOT_assume α φ{α}
3513  AOT_hence ¬α ¬φ{α}
3514    using "conventions:4"[THEN "≡dfE"] by blast
3515  AOT_hence ¬α ¬φ{α}
3516    using "KBasic2:1"
3517    by (AOT_subst ¬φ{α} ¬φ{α} for: α)
3518  moreover AOT_have α ¬φ{α}  α ¬φ{α}
3519    using "≡I" "BF" "CBF" by metis
3520  ultimately AOT_have 1: ¬α ¬φ{α}
3521    using "≡E"(3) by blast
3522  AOT_show α φ{α}
3523    apply (rule "conventions:5"[THEN "≡dfI"])
3524    apply (AOT_subst α φ{α} ¬α ¬φ{α})
3525     apply (simp add: "conventions:4" "≡Df")
3526    apply (AOT_subst ¬¬α ¬φ{α} α ¬φ{α})
3527    by (auto simp: 1 "≡I" "useful-tautologies:1" "useful-tautologies:2")
3528qed
3529lemmas "CBF◇" = "BFs:4"
3530
3531AOT_theorem "sign-S5-thm:1": α φ{α}  α φ{α}
3532proof(rule "→I")
3533  AOT_assume α φ{α}
3534  then AOT_obtain α where φ{α} using "∃E" by metis
3535  moreover AOT_have α
3536    by (simp add: "ex:1:a" "rule-ui:2[const_var]" RN)
3537  moreover AOT_have φ{τ}, τ  α φ{α} for τ
3538  proof -
3539    AOT_have φ{τ}, τ  α φ{α} using "existential:1" by blast
3540    AOT_thus φ{τ}, τ  α φ{α}
3541      using "RN[prem]"[where Γ="{φ τ, «τ»}", simplified] by blast
3542  qed
3543  ultimately AOT_show α φ{α} by blast
3544qed
3545lemmas Buridan = "sign-S5-thm:1"
3546
3547AOT_theorem "sign-S5-thm:2": α φ{α}  α φ{α}
3548proof -
3549  AOT_have α (α φ{α}  φ{α})
3550    by (simp add: "RM◇" "cqt-orig:3" "∀I")
3551  AOT_thus α φ{α}  α φ{α}
3552    using "∀E"(4) "∀I" "→E" "→I" by metis
3553qed
3554lemmas "Buridan◇" = "sign-S5-thm:2"
3555
3556AOT_theorem "sign-S5-thm:3":
3557  α (φ{α} & ψ{α})  (α φ{α} & α ψ{α})
3558  apply (rule "RM:2")
3559  by (metis (no_types, lifting) "∃E" "&I" "&E"(1) "&E"(2) "→I" "∃I"(2))
3560
3561AOT_theorem "sign-S5-thm:4": α (φ{α} & ψ{α})  α φ{α}
3562  apply (rule "RM:2")
3563  by (meson "instantiation" "&E"(1) "→I" "∃I"(2))
3564
3565AOT_theorem "sign-S5-thm:5":
3566  (α (φ{α}  ψ{α}) & α (ψ{α}  χ{α}))  α (φ{α}  χ{α})
3567proof -
3568  {
3569    fix φ' ψ' χ'
3570    AOT_assume  φ' & ψ'  χ'
3571    AOT_hence φ' & ψ'  χ'
3572      using "RN[prem]"[where Γ="{φ', ψ'}"] apply simp
3573      using "&E" "&I" "→E" "→I" by metis
3574  } note R = this
3575  show ?thesis by (rule R; fact AOT)
3576qed
3577
3578AOT_theorem "sign-S5-thm:6":
3579  (α (φ{α}  ψ{α}) & α(ψ{α}  χ{α}))  α(φ{α}  χ{α})
3580proof -
3581  {
3582    fix φ' ψ' χ'
3583    AOT_assume  φ' & ψ'  χ'
3584    AOT_hence φ' & ψ'  χ'
3585      using "RN[prem]"[where Γ="{φ', ψ'}"] apply simp
3586      using "&E" "&I" "→E" "→I" by metis
3587  } note R = this
3588  show ?thesis by (rule R; fact AOT)
3589qed
3590
3591AOT_theorem "exist-nec2:1": τ  τ
3592  using "B◇" "RM◇" "Hypothetical Syllogism" "exist-nec" by blast
3593
3594AOT_theorem "exists-nec2:2": τ  τ
3595  by (meson "Act-Sub:3" "Hypothetical Syllogism" "exist-nec"
3596            "exist-nec2:1" "≡I" "nec-imp-act")
3597
3598AOT_theorem "exists-nec2:3": ¬τ  ¬τ
3599  using "KBasic2:1" "→I" "exist-nec2:1" "≡E"(2) "modus-tollens:1" by blast
3600
3601AOT_theorem "exists-nec2:4": ¬τ  ¬τ
3602  by (metis "Act-Sub:3" "KBasic:12" "→I" "exist-nec" "exists-nec2:3"
3603            "≡I" "≡E"(4) "nec-imp-act" "reductio-aa:1")
3604
3605AOT_theorem "id-nec2:1": α = β  α = β
3606  using "B◇" "RM◇" "Hypothetical Syllogism" "id-nec:1" by blast
3607
3608AOT_theorem "id-nec2:2": α  β  α  β
3609  apply (AOT_subst α  β ¬(α = β))
3610  using "=-infix"[THEN "≡Df"] apply blast
3611  using "KBasic2:1" "→I" "id-nec2:1" "≡E"(2) "modus-tollens:1" by blast
3612
3613AOT_theorem "id-nec2:3": α  β  α  β
3614  apply (AOT_subst α  β ¬(α = β))
3615  using "=-infix"[THEN "≡Df"] apply blast
3616  by (metis "KBasic:11" "→I" "id-nec:2" "≡E"(3) "reductio-aa:2" "→E")
3617
3618AOT_theorem "id-nec2:4": α = β  α = β
3619  using "Hypothetical Syllogism" "id-nec2:1" "id-nec:1" by blast
3620
3621AOT_theorem "id-nec2:5": α  β  α  β
3622  using "id-nec2:3" "id-nec2:2" "→I" "→E" by metis
3623
3624AOT_theorem "sc-eq-box-box:1": (φ  φ)  (φ  φ)
3625  apply (rule "≡I"; rule "→I")
3626  using "KBasic:13" "5◇" "Hypothetical Syllogism" "→E" apply blast
3627  by (metis "KBasic2:1" "KBasic:1" "KBasic:2" "S5Basic:13" "≡E"(2)
3628            "raa-cor:5" "→E")
3629
3630AOT_theorem "sc-eq-box-box:2": ((φ  φ)  (φ  φ))  (φ  φ)
3631  by (metis "Act-Sub:3" "KBasic:13" "5◇" "∨E"(2) "→I" "≡I"
3632            "nec-imp-act" "raa-cor:2" "→E")
3633
3634AOT_theorem "sc-eq-box-box:3": (φ  φ)  (¬φ  ¬φ)
3635proof (rule "→I"; rule "≡I"; rule "→I")
3636  AOT_assume (φ  φ)
3637  AOT_hence φ  φ using "sc-eq-box-box:1" "≡E" by blast
3638  moreover AOT_assume ¬φ
3639  ultimately AOT_have ¬φ
3640    using "modus-tollens:1" by blast
3641  AOT_thus ¬φ
3642    using "KBasic2:1" "≡E"(2) by blast
3643next
3644  AOT_assume (φ  φ)
3645  moreover AOT_assume ¬φ
3646  ultimately AOT_show ¬φ
3647    using "modus-tollens:1" "qml:2"[axiom_inst] "→E" by blast
3648qed
3649
3650AOT_theorem "sc-eq-box-box:4":
3651  ((φ  φ) & (ψ  ψ))  ((φ  ψ)  (φ  ψ))
3652proof(rule "→I"; rule "→I")
3653  AOT_assume θ: (φ  φ) & (ψ  ψ)
3654  AOT_assume ξ: φ  ψ
3655  AOT_hence (φ & ψ)  (¬φ & ¬ψ)
3656    using "≡E"(4) "oth-class-taut:4:g" "raa-cor:3" by blast
3657  moreover {
3658    AOT_assume φ & ψ
3659    AOT_hence (φ  ψ)
3660      using "KBasic:3" "KBasic:8" "≡E"(2) "vdash-properties:10" by blast
3661  }
3662  moreover {
3663    AOT_assume ¬φ & ¬ψ
3664    moreover AOT_have ¬φ  ¬φ and ¬ψ  ¬ψ
3665      using θ "Conjunction Simplification"(1,2)
3666            "sc-eq-box-box:3" "→E" by metis+
3667    ultimately AOT_have ¬φ & ¬ψ
3668      by (metis "&I" "Conjunction Simplification"(1,2)
3669                "≡E"(4) "modus-tollens:1" "raa-cor:3")
3670    AOT_hence (φ  ψ)
3671      using "KBasic:3" "KBasic:9" "≡E"(2) "→E" by blast
3672  }
3673  ultimately AOT_show (φ  ψ)
3674    using "∨E"(2) "reductio-aa:1" by blast
3675qed
3676
3677AOT_theorem "sc-eq-box-box:5":
3678  ((φ  φ) & (ψ  ψ))  ((φ  ψ)  (φ  ψ))
3679proof (rule "→I")
3680  AOT_assume ((φ  φ) & (ψ  ψ))
3681  AOT_hence ((φ  φ) & (ψ  ψ))
3682    using 4[THEN "→E"] "&E" "&I" "KBasic:3" "≡E"(2) by metis
3683  moreover AOT_have ((φ  φ) & (ψ  ψ))  ((φ  ψ)  (φ  ψ))
3684  proof (rule RM; rule "→I"; rule "→I")
3685    AOT_modally_strict {
3686      AOT_assume A: ((φ  φ) & (ψ  ψ))
3687      AOT_hence φ  φ and ψ  ψ
3688        using "&E" "qml:2"[axiom_inst] "→E" by blast+
3689      moreover AOT_assume φ  ψ
3690      ultimately AOT_have φ  ψ
3691        using "→E" "qml:2"[axiom_inst] "≡E" "≡I" by meson
3692      moreover AOT_have (φ  ψ)  (φ  ψ)
3693        using A "sc-eq-box-box:4" "→E" by blast
3694      ultimately AOT_show (φ  ψ) using "→E" by blast
3695    }
3696  qed
3697  ultimately AOT_show ((φ  ψ)  (φ  ψ)) using "→E" by blast
3698qed
3699
3700AOT_theorem "sc-eq-box-box:6": (φ  φ)  ((φ  ψ)  (φ  ψ))
3701proof (rule "→I"; rule "→I"; rule "raa-cor:1")
3702  AOT_assume ¬(φ  ψ)
3703  AOT_hence ¬(φ  ψ)
3704    by (metis "KBasic:11" "≡E"(1))
3705  AOT_hence (φ & ¬ψ)
3706    by (AOT_subst φ & ¬ψ ¬(φ  ψ))
3707       (meson "Commutativity of ≡" "≡E"(1) "oth-class-taut:1:b")
3708  AOT_hence φ and 2: ¬ψ
3709    using "KBasic2:3"[THEN "→E"] "&E" by blast+
3710  moreover AOT_assume (φ  φ)
3711  ultimately AOT_have φ
3712    by (metis "≡E"(1) "sc-eq-box-box:1" "→E")
3713  AOT_hence φ
3714    using "qml:2"[axiom_inst, THEN "→E"] by blast
3715  moreover AOT_assume φ  ψ
3716  ultimately AOT_have ψ
3717    using "→E" by blast
3718  moreover AOT_have ¬ψ
3719    using 2 "KBasic:12" "¬¬I" "intro-elim:3:d" by blast
3720  ultimately AOT_show ψ & ¬ψ
3721    using "&I" by blast
3722qed
3723
3724AOT_theorem "sc-eq-box-box:7": (φ  φ)  ((φ  𝒜ψ)  𝒜(φ  ψ))
3725proof (rule "→I"; rule "→I"; rule "raa-cor:1")
3726  AOT_assume ¬𝒜(φ  ψ)
3727  AOT_hence 𝒜¬(φ  ψ)
3728    by (metis "Act-Basic:1" "∨E"(2))
3729  AOT_hence 𝒜(φ & ¬ψ)
3730    by (AOT_subst φ & ¬ψ ¬(φ  ψ))
3731       (meson "Commutativity of ≡" "≡E"(1) "oth-class-taut:1:b")
3732  AOT_hence 𝒜φ and 2: 𝒜¬ψ
3733    using "Act-Basic:2"[THEN "≡E"(1)] "&E" by blast+
3734  AOT_hence φ
3735    by (metis "Act-Sub:3" "→E")
3736  moreover AOT_assume (φ  φ)
3737  ultimately AOT_have φ
3738    by (metis "≡E"(1) "sc-eq-box-box:1" "→E")
3739  AOT_hence φ
3740    using "qml:2"[axiom_inst, THEN "→E"] by blast
3741  moreover AOT_assume φ  𝒜ψ
3742  ultimately AOT_have 𝒜ψ
3743    using "→E" by blast
3744  moreover AOT_have ¬𝒜ψ
3745    using 2 by (meson "Act-Sub:1" "≡E"(4) "raa-cor:3")
3746  ultimately AOT_show 𝒜ψ & ¬𝒜ψ
3747    using "&I" by blast
3748qed
3749
3750AOT_theorem "sc-eq-fur:1": 𝒜φ  𝒜φ
3751  using "Act-Basic:6" "Act-Sub:4" "≡E"(6) by blast
3752
3753AOT_theorem "sc-eq-fur:2": (φ  φ)  (𝒜φ  φ)
3754  by (metis "B◇" "Act-Sub:3" "KBasic:13" "T◇" "Hypothetical Syllogism"
3755            "→I" "≡I" "nec-imp-act")
3756
3757AOT_theorem "sc-eq-fur:3":
3758  x (φ{x}  φ{x})  (∃!x φ{x}  ιx φ{x})
3759proof (rule "→I"; rule "→I")
3760  AOT_assume x (φ{x}  φ{x})
3761  AOT_hence A: x (φ{x}  φ{x})
3762    using CBF "→E" by blast
3763  AOT_assume ∃!x φ{x}
3764  then AOT_obtain a where a_def: φ{a} & y (φ{y}  y = a)
3765    using "∃E"[rotated 1, OF "uniqueness:1"[THEN "≡dfE"]] by blast
3766  moreover AOT_have φ{a}
3767    using calculation A "∀E"(2) "qml:2"[axiom_inst] "→E" "&E"(1) by blast
3768  AOT_hence 𝒜φ{a}
3769    using "nec-imp-act" "→E" by blast
3770  moreover AOT_have y (𝒜φ{y}  y = a)
3771  proof (rule "∀I"; rule "→I")
3772    fix b
3773    AOT_assume 𝒜φ{b}
3774    AOT_hence φ{b}
3775      using "Act-Sub:3" "→E" by blast
3776    moreover {
3777      AOT_have (φ{b}  φ{b})
3778        using A "∀E"(2) by blast
3779      AOT_hence φ{b}  φ{b}
3780        using "KBasic:13" "5◇" "Hypothetical Syllogism" "→E" by blast
3781    }
3782    ultimately AOT_have φ{b}
3783      using "→E" by blast
3784    AOT_hence φ{b}
3785      using "qml:2"[axiom_inst] "→E" by blast
3786    AOT_thus b = a
3787      using a_def[THEN "&E"(2)] "∀E"(2) "→E" by blast
3788  qed
3789  ultimately AOT_have 𝒜φ{a} & y (𝒜φ{y}  y = a)
3790    using "&I" by blast
3791  AOT_hence x (𝒜φ{x} & y (𝒜φ{y}  y = x))
3792    using "∃I" by fast
3793  AOT_hence ∃!x 𝒜φ{x}
3794    using "uniqueness:1"[THEN "≡dfI"] by fast
3795  AOT_thus ιx φ{x}
3796    using "actual-desc:1"[THEN "≡E"(2)] by blast
3797qed
3798
3799AOT_theorem "sc-eq-fur:4":
3800x (φ{x}  φ{x})  (x = ιx φ{x}  (φ{x} & z (φ{z}  z = x)))
3801proof (rule "→I")
3802  AOT_assume x (φ{x}  φ{x})
3803  AOT_hence x (φ{x}  φ{x})
3804    using CBF "→E" by blast
3805  AOT_hence A: 𝒜φ{α}  φ{α} for α
3806    using "sc-eq-fur:2" "∀E" "→E" by fast
3807  AOT_show x = ιx φ{x}  (φ{x} & z (φ{z}  z = x))
3808  proof (rule "≡I"; rule "→I")
3809    AOT_assume x = ιx φ{x}
3810    AOT_hence B: 𝒜φ{x} & z (𝒜φ{z}  z = x)
3811      using "nec-hintikka-scheme"[THEN "≡E"(1)] by blast
3812    AOT_show φ{x} & z (φ{z}  z = x)
3813    proof (rule "&I"; (rule "∀I"; rule "→I")?)
3814      AOT_show φ{x}
3815        using A B[THEN "&E"(1)] "≡E"(1) by blast
3816    next
3817      AOT_show z = x if φ{z} for z
3818        using that B[THEN "&E"(2)] "∀E"(2) "→E" A[THEN "≡E"(2)] by blast
3819    qed
3820  next
3821    AOT_assume B: φ{x} & z (φ{z}  z = x)
3822    AOT_have 𝒜φ{x} & z (𝒜φ{z}  z = x)
3823    proof(rule "&I"; (rule "∀I"; rule "→I")?)
3824      AOT_show 𝒜φ{x}
3825        using B[THEN "&E"(1)] A[THEN "≡E"(2)] by blast
3826    next
3827      AOT_show b = x if 𝒜φ{b} for b
3828        using A[THEN "≡E"(1)] that
3829              B[THEN "&E"(2), THEN "∀E"(2), THEN "→E"] by blast
3830    qed
3831    AOT_thus x = ιx φ{x}
3832      using "nec-hintikka-scheme"[THEN "≡E"(2)] by blast
3833  qed
3834qed
3835
3836AOT_theorem "id-act:1": α = β  𝒜α = β
3837  by (meson "Act-Sub:3" "Hypothetical Syllogism"
3838            "id-nec2:1" "id-nec:2" "≡I" "nec-imp-act")
3839
3840AOT_theorem "id-act:2": α  β  𝒜α  β
3841proof (AOT_subst α  β ¬(α = β))
3842  AOT_modally_strict {
3843    AOT_show α  β  ¬(α = β)
3844      by (simp add: "=-infix" "≡Df")
3845  }
3846next
3847  AOT_show ¬(α = β)  𝒜¬(α = β)
3848  proof (safe intro!: "≡I" "→I")
3849    AOT_assume ¬α = β
3850    AOT_hence ¬𝒜α = β using "id-act:1" "≡E"(3) by blast
3851    AOT_thus 𝒜¬α = β
3852      using "¬¬E" "Act-Sub:1" "≡E"(3) by blast
3853  next
3854    AOT_assume 𝒜¬α = β
3855    AOT_hence ¬𝒜α = β
3856      using "¬¬I" "Act-Sub:1" "≡E"(4) by blast
3857    AOT_thus ¬α = β
3858      using "id-act:1" "≡E"(4) by blast
3859  qed
3860qed
3861
3862AOT_theorem "A-Exists:1": 𝒜∃!α φ{α}  ∃!α 𝒜φ{α}
3863proof -
3864  AOT_have 𝒜∃!α φ{α}  𝒜αβ (φ{β}  β = α)
3865    by (AOT_subst ∃!α φ{α} αβ (φ{β}  β = α))
3866       (auto simp add: "oth-class-taut:3:a" "uniqueness:2")
3867  also AOT_have   α 𝒜β (φ{β}  β = α)
3868    by (simp add: "Act-Basic:10")
3869  also AOT_have   αβ 𝒜(φ{β}  β = α)
3870    by (AOT_subst 𝒜β (φ{β}  β = α) β 𝒜(φ{β}  β = α) for: α)
3871       (auto simp: "logic-actual-nec:3"[axiom_inst] "oth-class-taut:3:a")
3872  also AOT_have   αβ (𝒜φ{β}  𝒜β = α)
3873    by (AOT_subst (reverse) 𝒜φ{β}  𝒜β = α
3874                            𝒜(φ{β}  β = α) for: α β :: 'a)
3875       (auto simp: "Act-Basic:5" "cqt-further:7")
3876  also AOT_have   αβ (𝒜φ{β}  β = α)
3877    by (AOT_subst (reverse) 𝒜β = α β = α for: α β :: 'a)
3878       (auto simp: "id-act:1" "cqt-further:7")
3879  also AOT_have ...  ∃!α 𝒜φ{α}
3880    using "uniqueness:2" "Commutativity of ≡"[THEN "≡E"(1)] by fast
3881  finally show ?thesis.
3882qed
3883
3884AOT_theorem "A-Exists:2": ιx φ{x}  𝒜∃!x φ{x}
3885  by (AOT_subst 𝒜∃!x φ{x} ∃!x 𝒜φ{x})
3886     (auto simp: "actual-desc:1" "A-Exists:1")
3887
3888AOT_theorem "id-act-desc:1": ιx (x = y)
3889proof(rule "existence:1"[THEN "≡dfI"]; rule "∃I")
3890  AOT_show x E!x  E!x]ιx (x = y)
3891  proof (rule "russell-axiom[exe,1].nec-russell-axiom"[THEN "≡E"(2)];
3892         rule "∃I"; (rule "&I")+)
3893    AOT_show 𝒜y = y by (simp add: "RA[2]" "id-eq:1")
3894  next
3895    AOT_show z (𝒜z = y  z = y)
3896      apply (rule "∀I")
3897      using "id-act:1"[THEN "≡E"(2)] "→I" by blast
3898  next
3899    AOT_show x E!x  E!x]y
3900    proof (rule "lambda-predicates:2"[axiom_inst, THEN "→E", THEN "≡E"(2)])
3901      AOT_show x E!x  E!x]
3902        by "cqt:2[lambda]"
3903    next
3904      AOT_show E!y  E!y 
3905        by (simp add: "if-p-then-p")
3906    qed
3907  qed
3908next
3909  AOT_show x E!x  E!x]
3910    by "cqt:2[lambda]"
3911qed
3912
3913AOT_theorem "id-act-desc:2": y = ιx (x = y)
3914  by (rule descriptions[axiom_inst, THEN "≡E"(2)];
3915      rule "∀I"; rule "id-act:1"[symmetric])
3916
3917AOT_theorem "pre-en-eq:1[1]": x1[F]  x1[F]
3918  by (simp add: encoding "vdash-properties:1[2]")
3919
3920AOT_theorem "pre-en-eq:1[2]": x1x2[F]  x1x2[F]
3921proof (rule "→I")
3922  AOT_assume x1x2[F]
3923  AOT_hence x1y [F]yx2] and x2y [F]x1y]
3924    using "nary-encoding[2]"[axiom_inst, THEN "≡E"(1)] "&E" by blast+
3925  moreover AOT_have y [F]yx2] by "cqt:2"
3926  moreover AOT_have y [F]x1y] by "cqt:2"
3927  ultimately AOT_have x1y [F]yx2] and x2y [F]x1y]
3928    using encoding[axiom_inst, unvarify F] "→E" "&I" by blast+
3929  note A = this
3930  AOT_hence (x1y [F]yx2] & x2y [F]x1y])
3931    using "KBasic:3"[THEN "≡E"(2)] "&I" by blast
3932  AOT_thus x1x2[F]
3933    by (rule "nary-encoding[2]"[axiom_inst, THEN RN,
3934                                THEN "KBasic:6"[THEN "→E"],
3935                                THEN "≡E"(2)])
3936qed
3937
3938AOT_theorem "pre-en-eq:1[3]": x1x2x3[F]  x1x2x3[F]
3939proof (rule "→I")
3940  AOT_assume x1x2x3[F]
3941  AOT_hence x1y [F]yx2x3]
3942        and x2y [F]x1yx3]
3943        and x3y [F]x1x2y]
3944    using "nary-encoding[3]"[axiom_inst, THEN "≡E"(1)] "&E" by blast+
3945  moreover AOT_have y [F]yx2x3] by "cqt:2"
3946  moreover AOT_have y [F]x1yx3] by "cqt:2"
3947  moreover AOT_have y [F]x1x2y] by "cqt:2"
3948  ultimately AOT_have x1y [F]yx2x3]
3949                  and x2y [F]x1yx3]
3950                  and x3y [F]x1x2y]
3951    using encoding[axiom_inst, unvarify F] "→E" by blast+
3952  note A = this
3953  AOT_have B: (x1y [F]yx2x3] & x2y [F]x1yx3] & x3y [F]x1x2y])
3954    by (rule "KBasic:3"[THEN "≡E"(2)] "&I" A)+
3955  AOT_thus x1x2x3[F]
3956    by (rule "nary-encoding[3]"[axiom_inst, THEN RN,
3957                THEN "KBasic:6"[THEN "→E"], THEN "≡E"(2)])
3958qed
3959
3960AOT_theorem "pre-en-eq:1[4]": x1x2x3x4[F]  x1x2x3x4[F]
3961proof (rule "→I")
3962  AOT_assume x1x2x3x4[F]
3963  AOT_hence x1y [F]yx2x3x4]
3964        and x2y [F]x1yx3x4]
3965        and x3y [F]x1x2yx4]
3966        and x4y [F]x1x2x3y]
3967    using "nary-encoding[4]"[axiom_inst, THEN "≡E"(1)] "&E" by metis+
3968  moreover AOT_have y [F]yx2x3x4] by "cqt:2"
3969  moreover AOT_have y [F]x1yx3x4] by "cqt:2"
3970  moreover AOT_have y [F]x1x2yx4] by "cqt:2"
3971  moreover AOT_have y [F]x1x2x3y] by "cqt:2"
3972  ultimately AOT_have x1y [F]yx2x3x4]
3973                  and x2y [F]x1yx3x4]
3974                  and x3y [F]x1x2yx4]
3975                  and x4y [F]x1x2x3y]
3976    using "→E" encoding[axiom_inst, unvarify F] by blast+
3977  note A = this
3978  AOT_have B: (x1y [F]yx2x3x4] &
3979                  x2y [F]x1yx3x4] &
3980                  x3y [F]x1x2yx4] &
3981                  x4y [F]x1x2x3y])
3982    by (rule "KBasic:3"[THEN "≡E"(2)] "&I" A)+
3983  AOT_thus x1x2x3x4[F]
3984    by (rule "nary-encoding[4]"[axiom_inst, THEN RN,
3985              THEN "KBasic:6"[THEN "→E"], THEN "≡E"(2)])
3986qed
3987
3988AOT_theorem "pre-en-eq:2[1]": ¬x1[F]  ¬x1[F]
3989proof (rule "→I"; rule "raa-cor:1")
3990  AOT_assume ¬¬x1[F]
3991  AOT_hence x1[F]
3992    by (rule "conventions:5"[THEN "≡dfI"])
3993  AOT_hence x1[F]
3994    by(rule "S5Basic:13"[THEN "≡E"(1), OF  "pre-en-eq:1[1]"[THEN RN],
3995              THEN "qml:2"[axiom_inst, THEN "→E"], THEN "→E"])
3996  moreover AOT_assume ¬x1[F]
3997  ultimately AOT_show x1[F] & ¬x1[F] by (rule "&I")
3998qed
3999AOT_theorem "pre-en-eq:2[2]": ¬x1x2[F]  ¬x1x2[F]
4000proof (rule "→I"; rule "raa-cor:1")
4001  AOT_assume ¬¬x1x2[F]
4002  AOT_hence x1x2[F]
4003    by (rule "conventions:5"[THEN "≡dfI"])
4004  AOT_hence x1x2[F]
4005    by(rule "S5Basic:13"[THEN "≡E"(1), OF  "pre-en-eq:1[2]"[THEN RN],
4006              THEN "qml:2"[axiom_inst, THEN "→E"], THEN "→E"])
4007  moreover AOT_assume ¬x1x2[F]
4008  ultimately AOT_show x1x2[F] & ¬x1x2[F] by (rule "&I")
4009qed
4010
4011AOT_theorem "pre-en-eq:2[3]": ¬x1x2x3[F]  ¬x1x2x3[F]
4012proof (rule "→I"; rule "raa-cor:1")
4013  AOT_assume ¬¬x1x2x3[F]
4014  AOT_hence x1x2x3[F]
4015    by (rule "conventions:5"[THEN "≡dfI"])
4016  AOT_hence x1x2x3[F]
4017    by(rule "S5Basic:13"[THEN "≡E"(1), OF  "pre-en-eq:1[3]"[THEN RN],
4018              THEN "qml:2"[axiom_inst, THEN "→E"], THEN "→E"])
4019  moreover AOT_assume ¬x1x2x3[F]
4020  ultimately AOT_show x1x2x3[F] & ¬x1x2x3[F] by (rule "&I")
4021qed
4022
4023AOT_theorem "pre-en-eq:2[4]": ¬x1x2x3x4[F]  ¬x1x2x3x4[F]
4024proof (rule "→I"; rule "raa-cor:1")
4025  AOT_assume ¬¬x1x2x3x4[F]
4026  AOT_hence x1x2x3x4[F]
4027    by (rule "conventions:5"[THEN "≡dfI"])
4028  AOT_hence x1x2x3x4[F]
4029    by(rule "S5Basic:13"[THEN "≡E"(1), OF  "pre-en-eq:1[4]"[THEN RN],
4030                         THEN "qml:2"[axiom_inst, THEN "→E"], THEN "→E"])
4031  moreover AOT_assume ¬x1x2x3x4[F]
4032  ultimately AOT_show x1x2x3x4[F] & ¬x1x2x3x4[F] by (rule "&I")
4033qed
4034
4035AOT_theorem "en-eq:1[1]": x1[F]  x1[F]
4036  using "pre-en-eq:1[1]"[THEN RN] "sc-eq-box-box:2" "∨I" "→E" by metis
4037AOT_theorem "en-eq:1[2]": x1x2[F]  x1x2[F]
4038  using "pre-en-eq:1[2]"[THEN RN] "sc-eq-box-box:2" "∨I" "→E" by metis
4039AOT_theorem "en-eq:1[3]": x1x2x3[F]  x1x2x3[F]
4040  using "pre-en-eq:1[3]"[THEN RN] "sc-eq-box-box:2" "∨I" "→E" by fast
4041AOT_theorem "en-eq:1[4]": x1x2x3x4[F]  x1x2x3x4[F]
4042  using "pre-en-eq:1[4]"[THEN RN] "sc-eq-box-box:2" "∨I" "→E" by fast
4043
4044AOT_theorem "en-eq:2[1]": x1[F]  x1[F]
4045  by (simp add: "≡I" "pre-en-eq:1[1]" "qml:2"[axiom_inst])
4046AOT_theorem "en-eq:2[2]": x1x2[F]  x1x2[F]
4047  by (simp add: "≡I" "pre-en-eq:1[2]" "qml:2"[axiom_inst])
4048AOT_theorem "en-eq:2[3]": x1x2x3[F]  x1x2x3[F]
4049  by (simp add: "≡I" "pre-en-eq:1[3]" "qml:2"[axiom_inst])
4050AOT_theorem "en-eq:2[4]": x1x2x3x4[F]  x1x2x3x4[F]
4051  by (simp add: "≡I" "pre-en-eq:1[4]" "qml:2"[axiom_inst])
4052
4053AOT_theorem "en-eq:3[1]": x1[F]  x1[F]
4054  using "T◇" "derived-S5-rules:2"[OF "pre-en-eq:1[1]"] "≡I" by blast
4055AOT_theorem "en-eq:3[2]": x1x2[F]  x1x2[F]
4056  using "T◇" "derived-S5-rules:2"[OF "pre-en-eq:1[2]"] "≡I" by blast
4057AOT_theorem "en-eq:3[3]": x1x2x3[F]  x1x2x3[F]
4058  using "T◇" "derived-S5-rules:2"[OF "pre-en-eq:1[3]"] "≡I" by blast
4059AOT_theorem "en-eq:3[4]": x1x2x3x4[F]  x1x2x3x4[F]
4060  using "T◇" "derived-S5-rules:2"[OF "pre-en-eq:1[4]"] "≡I" by blast
4061
4062AOT_theorem "en-eq:4[1]":
4063  (x1[F]  y1[G])  (x1[F]  y1[G])
4064  apply (rule "≡I"; rule "→I"; rule "≡I"; rule "→I")
4065  using "qml:2"[axiom_inst, THEN "→E"] "≡E"(1,2) "en-eq:2[1]" by blast+
4066AOT_theorem "en-eq:4[2]":
4067  (x1x2[F]  y1y2[G])  (x1x2[F]  y1y2[G])
4068  apply (rule "≡I"; rule "→I"; rule "≡I"; rule "→I")
4069  using "qml:2"[axiom_inst, THEN "→E"] "≡E"(1,2) "en-eq:2[2]" by blast+
4070AOT_theorem "en-eq:4[3]":
4071  (x1x2x3[F]  y1y2y3[G])  (x1x2x3[F]  y1y2y3[G])
4072  apply (rule "≡I"; rule "→I"; rule "≡I"; rule "→I")
4073  using "qml:2"[axiom_inst, THEN "→E"] "≡E"(1,2) "en-eq:2[3]" by blast+
4074AOT_theorem "en-eq:4[4]":
4075  (x1x2x3x4[F]  y1y2y3y4[G])  (x1x2x3x4[F]  y1y2y3y4[G])
4076  apply (rule "≡I"; rule "→I"; rule "≡I"; rule "→I")
4077  using "qml:2"[axiom_inst, THEN "→E"] "≡E"(1,2) "en-eq:2[4]" by blast+
4078
4079AOT_theorem "en-eq:5[1]":
4080  (x1[F]  y1[G])  (x1[F]  y1[G])
4081  apply (rule "≡I"; rule "→I")
4082  using "en-eq:4[1]"[THEN "≡E"(1)] "qml:2"[axiom_inst, THEN "→E"]
4083   apply blast
4084  using "sc-eq-box-box:4"[THEN "→E", THEN "→E"]
4085        "&I"[OF "pre-en-eq:1[1]"[THEN RN], OF "pre-en-eq:1[1]"[THEN RN]]
4086  by blast
4087AOT_theorem "en-eq:5[2]":
4088  (x1x2[F]  y1y2[G])  (x1x2[F]  y1y2[G])
4089  apply (rule "≡I"; rule "→I")
4090  using "en-eq:4[2]"[THEN "≡E"(1)] "qml:2"[axiom_inst, THEN "→E"]
4091   apply blast
4092  using "sc-eq-box-box:4"[THEN "→E", THEN "→E"]
4093        "&I"[OF "pre-en-eq:1[2]"[THEN RN], OF "pre-en-eq:1[2]"[THEN RN]]
4094  by blast
4095AOT_theorem "en-eq:5[3]":
4096  (x1x2x3[F]  y1y2y3[G])  (x1x2x3[F]  y1y2y3[G])
4097  apply (rule "≡I"; rule "→I")
4098  using "en-eq:4[3]"[THEN "≡E"(1)] "qml:2"[axiom_inst, THEN "→E"]
4099   apply blast
4100  using "sc-eq-box-box:4"[THEN "→E", THEN "→E"]
4101        "&I"[OF "pre-en-eq:1[3]"[THEN RN], OF "pre-en-eq:1[3]"[THEN RN]]
4102  by blast
4103AOT_theorem "en-eq:5[4]":
4104  (x1x2x3x4[F]  y1y2y3y4[G])  (x1x2x3x4[F]  y1y2y3y4[G])
4105  apply (rule "≡I"; rule "→I")
4106  using "en-eq:4[4]"[THEN "≡E"(1)] "qml:2"[axiom_inst, THEN "→E"]
4107   apply blast
4108  using "sc-eq-box-box:4"[THEN "→E", THEN "→E"]
4109        "&I"[OF "pre-en-eq:1[4]"[THEN RN], OF "pre-en-eq:1[4]"[THEN RN]]
4110  by blast
4111
4112AOT_theorem "en-eq:6[1]":
4113  (x1[F]  y1[G])  (x1[F]  y1[G])
4114  using "en-eq:5[1]"[symmetric] "en-eq:4[1]" "≡E"(5) by fast
4115AOT_theorem "en-eq:6[2]":
4116  (x1x2[F]  y1y2[G])  (x1x2[F]  y1y2[G])
4117  using "en-eq:5[2]"[symmetric] "en-eq:4[2]" "≡E"(5) by fast
4118AOT_theorem "en-eq:6[3]":
4119  (x1x2x3[F]  y1y2y3[G])  (x1x2x3[F]  y1y2y3[G])
4120  using "en-eq:5[3]"[symmetric] "en-eq:4[3]" "≡E"(5) by fast
4121AOT_theorem "en-eq:6[4]":
4122  (x1x2x3x4[F]  y1y2y3y4[G])  (x1x2x3x4[F]  y1y2y3y4[G])
4123  using "en-eq:5[4]"[symmetric] "en-eq:4[4]" "≡E"(5) by fast
4124
4125AOT_theorem "en-eq:7[1]": ¬x1[F]  ¬x1[F]
4126  using "pre-en-eq:2[1]" "qml:2"[axiom_inst] "≡I" by blast
4127AOT_theorem "en-eq:7[2]": ¬x1x2[F]  ¬x1x2[F]
4128  using "pre-en-eq:2[2]" "qml:2"[axiom_inst] "≡I" by blast
4129AOT_theorem "en-eq:7[3]": ¬x1x2x3[F]  ¬x1x2x3[F]
4130  using "pre-en-eq:2[3]" "qml:2"[axiom_inst] "≡I" by blast
4131AOT_theorem "en-eq:7[4]": ¬x1x2x3x4[F]  ¬x1x2x3x4[F]
4132  using "pre-en-eq:2[4]" "qml:2"[axiom_inst] "≡I" by blast
4133
4134AOT_theorem "en-eq:8[1]": ¬x1[F]  ¬x1[F]
4135  using "en-eq:2[1]"[THEN "oth-class-taut:4:b"[THEN "≡E"(1)]]
4136        "KBasic:11" "≡E"(5)[symmetric] by blast
4137AOT_theorem "en-eq:8[2]": ¬x1x2[F]  ¬x1x2[F]
4138  using "en-eq:2[2]"[THEN "oth-class-taut:4:b"[THEN "≡E"(1)]]
4139        "KBasic:11" "≡E"(5)[symmetric] by blast
4140AOT_theorem "en-eq:8[3]": ¬x1x2x3[F]  ¬x1x2x3[F]
4141  using "en-eq:2[3]"[THEN "oth-class-taut:4:b"[THEN "≡E"(1)]]
4142        "KBasic:11" "≡E"(5)[symmetric] by blast
4143AOT_theorem "en-eq:8[4]": ¬x1x2x3x4[F]  ¬x1x2x3x4[F]
4144  using "en-eq:2[4]"[THEN "oth-class-taut:4:b"[THEN "≡E"(1)]]
4145        "KBasic:11" "≡E"(5)[symmetric] by blast
4146
4147AOT_theorem "en-eq:9[1]": ¬x1[F]  ¬x1[F]
4148  using "en-eq:7[1]" "en-eq:8[1]" "≡E"(5) by blast
4149AOT_theorem "en-eq:9[2]": ¬x1x2[F]  ¬x1x2[F]
4150  using "en-eq:7[2]" "en-eq:8[2]" "≡E"(5) by blast
4151AOT_theorem "en-eq:9[3]": ¬x1x2x3[F]  ¬x1x2x3[F]
4152  using "en-eq:7[3]" "en-eq:8[3]" "≡E"(5) by blast
4153AOT_theorem "en-eq:9[4]": ¬x1x2x3x4[F]  ¬x1x2x3x4[F]
4154  using "en-eq:7[4]" "en-eq:8[4]" "≡E"(5) by blast
4155
4156AOT_theorem "en-eq:10[1]": 𝒜x1[F]  x1[F]
4157  by (metis "Act-Sub:3" "deduction-theorem" "≡I" "≡E"(1)
4158            "nec-imp-act" "en-eq:3[1]" "pre-en-eq:1[1]")
4159AOT_theorem "en-eq:10[2]": 𝒜x1x2[F]  x1x2[F]
4160  by (metis "Act-Sub:3" "deduction-theorem" "≡I" "≡E"(1)
4161            "nec-imp-act" "en-eq:3[2]" "pre-en-eq:1[2]")
4162AOT_theorem "en-eq:10[3]": 𝒜x1x2x3[F]  x1x2x3[F]
4163  by (metis "Act-Sub:3" "deduction-theorem" "≡I" "≡E"(1)
4164            "nec-imp-act" "en-eq:3[3]" "pre-en-eq:1[3]")
4165AOT_theorem "en-eq:10[4]": 𝒜x1x2x3x4[F]  x1x2x3x4[F]
4166  by (metis "Act-Sub:3" "deduction-theorem" "≡I" "≡E"(1)
4167            "nec-imp-act" "en-eq:3[4]" "pre-en-eq:1[4]")
4168
4169AOT_theorem "oa-facts:1": O!x  O!x
4170proof(rule "→I")
4171  AOT_modally_strict {
4172    AOT_have x E!x]x  E!x
4173      by (rule "lambda-predicates:2"[axiom_inst, THEN "→E"]) "cqt:2"
4174  } note θ = this
4175  AOT_assume O!x
4176  AOT_hence x E!x]x
4177    by (rule "=dfE"(2)[OF AOT_ordinary, rotated 1]) "cqt:2"
4178  AOT_hence E!x using θ[THEN "≡E"(1)] by blast
4179  AOT_hence E!x using "qml:3"[axiom_inst, THEN "→E"] by blast
4180  AOT_hence x E!x]x
4181    by (AOT_subst x E!x]x E!x)
4182       (auto simp: θ)
4183  AOT_thus O!x
4184    by (rule "=dfI"(2)[OF AOT_ordinary, rotated 1]) "cqt:2"
4185qed
4186
4187AOT_theorem "oa-facts:2": A!x  A!x
4188proof(rule "→I")
4189  AOT_modally_strict {
4190    AOT_have x ¬E!x]x  ¬E!x
4191      by (rule "lambda-predicates:2"[axiom_inst, THEN "→E"]) "cqt:2"
4192  } note θ = this
4193  AOT_assume A!x
4194  AOT_hence x ¬E!x]x
4195    by (rule "=dfE"(2)[OF AOT_abstract, rotated 1]) "cqt:2"
4196  AOT_hence ¬E!x using θ[THEN "≡E"(1)] by blast
4197  AOT_hence ¬E!x using "KBasic2:1"[THEN "≡E"(2)] by blast
4198  AOT_hence ¬E!x using "4"[THEN "→E"] by blast
4199  AOT_hence ¬E!x
4200    using "KBasic2:1"
4201    by (AOT_subst (reverse) ¬E!x ¬E!x) blast
4202  AOT_hence x ¬E!x]x
4203    by (AOT_subst x ¬E!x]x ¬E!x)
4204       (auto simp: θ)
4205  AOT_thus A!x
4206    by (rule "=dfI"(2)[OF AOT_abstract, rotated 1]) "cqt:2[lambda]"
4207qed
4208
4209AOT_theorem "oa-facts:3": O!x  O!x
4210  using "oa-facts:1" "B◇" "RM◇" "Hypothetical Syllogism" by blast
4211AOT_theorem "oa-facts:4": A!x  A!x
4212  using "oa-facts:2" "B◇" "RM◇" "Hypothetical Syllogism" by blast
4213
4214AOT_theorem "oa-facts:5": O!x  O!x
4215  by (meson "Act-Sub:3" "Hypothetical Syllogism" "≡I" "nec-imp-act"
4216            "oa-facts:1" "oa-facts:3")
4217
4218AOT_theorem "oa-facts:6": A!x  A!x
4219  by (meson "Act-Sub:3" "Hypothetical Syllogism" "≡I" "nec-imp-act"
4220            "oa-facts:2" "oa-facts:4")
4221
4222AOT_theorem "oa-facts:7": O!x  𝒜O!x
4223  by (meson "Act-Sub:3" "Hypothetical Syllogism" "≡I" "nec-imp-act"
4224            "oa-facts:1" "oa-facts:3")
4225
4226AOT_theorem "oa-facts:8": A!x  𝒜A!x
4227  by (meson "Act-Sub:3" "Hypothetical Syllogism" "≡I" "nec-imp-act"
4228            "oa-facts:2" "oa-facts:4")
4229
4230subsection‹The Theory of Relations›
4231text‹\label{PLM: 9.10}›
4232
4233AOT_theorem "beta-C-meta":
4234  μ1...μn φ{μ1...μn, ν1...νn}] 
4235   (μ1...μn φ{μ1...μn, ν1...νn}]ν1...νn  φ{ν1...νn, ν1...νn})
4236  using "lambda-predicates:2"[axiom_inst] by blast
4237
4238AOT_theorem "beta-C-cor:1":
4239  (ν1...∀νn(μ1...μn φ{μ1...μn, ν1...νn}])) 
4240   ν1...∀νn (μ1...μn φ{μ1...μn, ν1...νn}]ν1...νn  φ{ν1...νn, ν1...νn})
4241  apply (rule "cqt-basic:14"[where 'a='a, THEN "→E"])
4242  using "beta-C-meta" "∀I" by fast
4243
4244AOT_theorem "beta-C-cor:2":
4245  μ1...μn φ{μ1...μn}] 
4246   ν1...∀νn (μ1...μn φ{μ1...μn}]ν1...νn  φ{ν1...νn})
4247  apply (rule "→I"; rule "∀I")
4248  using "beta-C-meta"[THEN "→E"] by fast
4249
4250(* TODO: syntax *)
4251theorem "beta-C-cor:3":
4252  assumes ν1νn. AOT_instance_of_cqt_2 (φ (AOT_term_of_var ν1νn))
4253  shows [v  ν1...∀νn (μ1...μn φ{ν1...νn, μ1...μn}]ν1...νn 
4254                         φ{ν1...νn, ν1...νn})]
4255  using "cqt:2[lambda]"[axiom_inst, OF assms]
4256        "beta-C-cor:1"[THEN "→E"] "∀I" by fast
4257
4258AOT_theorem "betaC:1:a": μ1...μn φ{μ1...μn}]κ1...κn  φ{κ1...κn}
4259proof -
4260  AOT_modally_strict {
4261    AOT_assume μ1...μn φ{μ1...μn}]κ1...κn
4262    moreover AOT_have μ1...μn φ{μ1...μn}] and κ1...κn
4263      using calculation "cqt:5:a"[axiom_inst, THEN "→E"] "&E" by blast+
4264    ultimately AOT_show φ{κ1...κn}
4265      using "beta-C-cor:2"[THEN "→E", THEN "∀E"(1), THEN "≡E"(1)] by blast
4266  }
4267qed
4268
4269AOT_theorem "betaC:1:b": ¬φ{κ1...κn}  ¬μ1...μn φ{μ1...μn}]κ1...κn
4270  using "betaC:1:a" "raa-cor:3" by blast
4271
4272lemmas "β→C" = "betaC:1:a" "betaC:1:b"
4273
4274AOT_theorem "betaC:2:a":
4275  μ1...μn φ{μ1...μn}], κ1...κn, φ{κ1...κn} 
4276   μ1...μn φ{μ1...μn}]κ1...κn
4277proof -
4278  AOT_modally_strict {
4279    AOT_assume 1: μ1...μn φ{μ1...μn}]
4280           and 2: κ1...κn
4281           and 3: φ{κ1...κn}
4282    AOT_hence μ1...μn φ{μ1...μn}]κ1...κn
4283      using "beta-C-cor:2"[THEN "→E", OF 1, THEN "∀E"(1), THEN "≡E"(2)]
4284      by blast
4285  }
4286  AOT_thus μ1...μn φ{μ1...μn}], κ1...κn, φ{κ1...κn} 
4287            μ1...μn φ{μ1...μn}]κ1...κn
4288    by blast
4289qed
4290
4291AOT_theorem "betaC:2:b":
4292  μ1...μn φ{μ1...μn}], κ1...κn, ¬μ1...μn φ{μ1...μn}]κ1...κn 
4293   ¬φ{κ1...κn}
4294  using "betaC:2:a" "raa-cor:3" by blast
4295
4296lemmas "β←C" = "betaC:2:a" "betaC:2:b"
4297
4298AOT_theorem "eta-conversion-lemma1:1": Π  x1...xn [Π]x1...xn] = Π
4299  using "lambda-predicates:3"[axiom_inst] "∀I" "∀E"(1) "→I" by fast
4300
4301(* Note: generalized alphabetic variant of the last theorem *)
4302AOT_theorem "eta-conversion-lemma1:2": Π  ν1...νn [Π]ν1...νn] = Π
4303  using "eta-conversion-lemma1:1".
4304
4305text‹Note: not explicitly part of PLM.›
4306AOT_theorem id_sym:
4307  assumes τ = τ'
4308  shows τ' = τ
4309  using "rule=E"[where φ="λ τ' . «τ' = τ»", rotated 1, OF assms]
4310        "=I"(1)[OF "t=t-proper:1"[THEN "→E", OF assms]] by auto
4311declare id_sym[sym]
4312
4313text‹Note: not explicitly part of PLM.›
4314AOT_theorem id_trans:
4315  assumes τ = τ' and τ' = τ''
4316  shows τ = τ''
4317  using "rule=E" assms by blast
4318declare id_trans[trans]
4319
4320method "ηC" for Π :: <'a::{AOT_Term_id_2,AOT_κs}> =
4321  (match conclusion in "[v  τ{Π} = τ'{Π}]" for v τ τ'  4322   rule "rule=E"[rotated 1, OF "eta-conversion-lemma1:2"
4323    [THEN "→E", of v "«[Π]»", symmetric]])
4324(*
4325AOT_theorem ‹[λy [λz [P]z]y → [λu [S]u]y] = [λy [P]y → [S]y]›
4326  apply ("ηC" "«[P]»") defer
4327   apply ("ηC" "«[S]»") defer
4328  oops
4329*)
4330(* TODO: proper representation of eta_conversion_lemma2 *)
4331
4332AOT_theorem "sub-des-lam:1":
4333  z1...zn  χ{z1...zn, ιx φ{x}}] & ιx φ{x} = ιx ψ{x} 
4334   z1...zn χ{z1...zn, ιx φ{x}}] = z1...zn χ{z1...zn, ιx ψ{x}}]
4335proof(rule "→I")
4336  AOT_assume A: z1...zn  χ{z1...zn, ιx φ{x}}] & ιx φ{x} = ιx ψ{x}
4337  AOT_show z1...zn χ{z1...zn, ιx φ{x}}] = z1...zn χ{z1...zn, ιx ψ{x}}]
4338    using "rule=E"[where φ="λ τ . «z1...zn χ{z1...zn, ιx φ{x}}] =
4339                                   z1...zn χ{z1...zn, τ}]»",
4340               OF "=I"(1)[OF A[THEN "&E"(1)]], OF A[THEN "&E"(2)]]
4341    by blast
4342qed
4343
4344AOT_theorem "sub-des-lam:2":
4345  ιx φ{x} = ιx ψ{x}  χ{ιx φ{x}} = χ{ιx ψ{x}} for χ :: ‹κ  𝗈›
4346  using "rule=E"[where φ="λ τ . «χ{ιx φ{x}} = χ{τ}»",
4347                 OF "=I"(1)[OF "log-prop-prop:2"]] "→I" by blast
4348
4349AOT_theorem "prop-equiv": F = G  x (x[F]  x[G])
4350proof(rule "≡I"; rule "→I")
4351  AOT_assume F = G
4352  AOT_thus x (x[F]  x[G])
4353    by (rule "rule=E"[rotated]) (fact "oth-class-taut:3:a"[THEN GEN])
4354next
4355  AOT_assume x (x[F]  x[G])
4356  AOT_hence x[F]  x[G] for x
4357    using "∀E" by blast
4358  AOT_hence (x[F]  x[G]) for x
4359    using "en-eq:6[1]"[THEN "≡E"(1)] by blast
4360  AOT_hence x (x[F]  x[G])
4361    by (rule GEN)
4362  AOT_hence x (x[F]  x[G])
4363    using BF[THEN "→E"] by fast
4364  AOT_thus "F = G"
4365    using "p-identity-thm2:1"[THEN "≡E"(2)] by blast
4366qed
4367
4368AOT_theorem "relations:1":
4369  assumes INSTANCE_OF_CQT_2(φ)
4370  shows F x1...∀xn ([F]x1...xn  φ{x1...xn})
4371  apply (rule "∃I"(1)[where τ="«x1...xn φ{x1...xn}]»"])
4372  using "cqt:2[lambda]"[OF assms, axiom_inst]
4373        "beta-C-cor:2"[THEN "→E", THEN RN] by blast+
4374
4375AOT_theorem "relations:2":
4376  assumes INSTANCE_OF_CQT_2(φ)
4377  shows F x ([F]x  φ{x})
4378  using "relations:1" assms by blast
4379
4380AOT_theorem "block-paradox:1": ¬x G (x[G] & ¬[G]x)]
4381proof(rule RAA(2))
4382  let ="λ τ. «G (τ[G] & ¬[G]τ)»"
4383  AOT_assume A: x « x»]
4384  AOT_have x (A!x & F (x[F]  F = x « x»]))
4385    using "A-objects"[axiom_inst] by fast
4386  then AOT_obtain a where ξ: A!a & F (a[F]  F = x « x»])
4387    using "∃E"[rotated] by blast
4388  AOT_show ¬x G (x[G] & ¬[G]x)]
4389  proof (rule "∨E"(1)[OF "exc-mid"]; rule "→I")
4390    AOT_assume B: x « x»]a
4391    AOT_hence G (a[G] & ¬[G]a)
4392      using "β→C" A by blast
4393    then AOT_obtain P where a[P] & ¬[P]a
4394      using "∃E"[rotated] by blast
4395    moreover AOT_have P = x « x»]
4396      using ξ[THEN "&E"(2), THEN "∀E"(2), THEN "≡E"(1)]
4397            calculation[THEN "&E"(1)] by blast
4398    ultimately AOT_have ¬x « x»]a
4399      using "rule=E" "&E"(2) by fast
4400    AOT_thus ¬x G (x[G] & ¬[G]x)]
4401      using B RAA by blast
4402  next
4403    AOT_assume B: ¬x « x»]a
4404    AOT_hence ¬G (a[G] & ¬[G]a)
4405      using "β←C" "cqt:2[const_var]"[of a, axiom_inst] A by blast
4406    AOT_hence C: G ¬(a[G] & ¬[G]a)
4407      using "cqt-further:4"[THEN "→E"] by blast
4408    AOT_have G (a[G]  [G]a)
4409      by (AOT_subst a[G]  [G]a ¬(a[G] & ¬[G]a) for: G)
4410         (auto simp: "oth-class-taut:1:a" C)
4411    AOT_hence ax « x»]  x « x»]a
4412      using "∀E" A by blast
4413    moreover AOT_have ax « x»]
4414      using ξ[THEN "&E"(2), THEN "∀E"(1), OF A, THEN "≡E"(2)]
4415      using "=I"(1)[OF A] by blast
4416    ultimately AOT_show ¬x G (x[G] & ¬[G]x)]
4417      using B "→E" RAA by blast
4418  qed
4419qed(simp)
4420
4421AOT_theorem "block-paradox:2": ¬F x([F]x  G(x[G] & ¬[G]x))
4422proof(rule RAA(2))
4423  AOT_assume F x ([F]x  G (x[G] & ¬[G]x))
4424  then AOT_obtain F where F_prop: x ([F]x  G (x[G] & ¬[G]x))
4425    using "∃E"[rotated] by blast
4426  AOT_have x (A!x & G (x[G]  G = F))
4427    using "A-objects"[axiom_inst] by fast
4428  then AOT_obtain a where ξ: A!a & G (a[G]  G = F)
4429    using "∃E"[rotated] by blast
4430  AOT_show ¬F x([F]x  G(x[G] & ¬[G]x))
4431  proof (rule "∨E"(1)[OF "exc-mid"]; rule "→I")
4432    AOT_assume B: [F]a
4433    AOT_hence G (a[G] & ¬[G]a)
4434      using F_prop[THEN "∀E"(2), THEN "≡E"(1)] by blast
4435    then AOT_obtain P where a[P] & ¬[P]a
4436      using "∃E"[rotated] by blast
4437    moreover AOT_have P = F
4438      using ξ[THEN "&E"(2), THEN "∀E"(2), THEN "≡E"(1)]
4439            calculation[THEN "&E"(1)] by blast
4440    ultimately AOT_have ¬[F]a
4441      using "rule=E" "&E"(2) by fast
4442    AOT_thus ¬F x([F]x  G(x[G] & ¬[G]x))
4443      using B RAA by blast
4444  next
4445    AOT_assume B: ¬[F]a
4446    AOT_hence ¬G (a[G] & ¬[G]a)
4447      using "oth-class-taut:4:b"[THEN "≡E"(1),
4448              OF F_prop[THEN "∀E"(2)[of _ _ a]], THEN "≡E"(1)]
4449      by simp
4450    AOT_hence C: G ¬(a[G] & ¬[G]a)
4451      using "cqt-further:4"[THEN "→E"] by blast
4452    AOT_have G (a[G]  [G]a)
4453      by (AOT_subst a[G]  [G]a ¬(a[G] & ¬[G]a) for: G)
4454         (auto simp: "oth-class-taut:1:a" C)
4455    AOT_hence a[F]  [F]a
4456      using "∀E" by blast
4457    moreover AOT_have a[F]
4458      using ξ[THEN "&E"(2), THEN "∀E"(2), of F, THEN "≡E"(2)]
4459      using "=I"(2) by blast
4460    ultimately AOT_show ¬F x([F]x  G(x[G] & ¬[G]x))
4461      using B "→E" RAA by blast
4462  qed
4463qed(simp)
4464
4465AOT_theorem "block-paradox:3": ¬y z z = y]
4466proof(rule RAA(2))
4467  AOT_assume θ: y z z = y]
4468  AOT_have x (A!x & F (x[F]  y(F = z z = y] & ¬y[F])))
4469    using "A-objects"[axiom_inst] by force
4470  then AOT_obtain a where
4471    a_prop: A!a & F (a[F]  y (F = z z = y] & ¬y[F]))
4472    using "∃E"[rotated] by blast
4473  AOT_have ζ: az z = a]  y (z z = a] = z z = y] & ¬yz z = a])
4474    using θ[THEN "∀E"(2)] a_prop[THEN "&E"(2), THEN "∀E"(1)] by blast
4475  AOT_show ¬y z z = y]
4476  proof (rule "∨E"(1)[OF "exc-mid"]; rule "→I")
4477    AOT_assume A: az z = a]
4478    AOT_hence y (z z = a] = z z = y] & ¬yz z = a])
4479      using ζ[THEN "≡E"(1)] by blast
4480    then AOT_obtain b where b_prop: z z = a] = z z = b] & ¬bz z = a]
4481      using "∃E"[rotated] by blast
4482    moreover AOT_have a = a by (rule "=I")
4483    moreover AOT_have z z = a] using θ "∀E" by blast
4484    moreover AOT_have a using "cqt:2[const_var]"[axiom_inst] .
4485    ultimately AOT_have z z = a]a using "β←C" by blast
4486    AOT_hence z z = b]a using "rule=E" b_prop[THEN "&E"(1)] by fast
4487    AOT_hence a = b using "β→C" by blast
4488    AOT_hence bz z = a] using A "rule=E" by fast
4489    AOT_thus ¬y z z = y] using b_prop[THEN "&E"(2)] RAA by blast
4490  next
4491    AOT_assume A: ¬az z = a]
4492    AOT_hence ¬y (z z = a] = z z = y] & ¬yz z = a])
4493      using ζ "oth-class-taut:4:b"[THEN "≡E"(1), THEN "≡E"(1)] by blast
4494    AOT_hence y ¬(z z = a] = z z = y] & ¬yz z = a])
4495      using "cqt-further:4"[THEN "→E"] by blast
4496    AOT_hence ¬(z z = a] = z z = a] & ¬az z = a])
4497      using "∀E" by blast
4498    AOT_hence z z = a] = z z = a]  az z = a]
4499      by (metis "&I" "deduction-theorem" "raa-cor:4")
4500    AOT_hence az z = a] using "=I"(1) θ[THEN "∀E"(2)] "→E" by blast
4501    AOT_thus ¬y z z = y] using A RAA by blast
4502  qed
4503qed(simp)
4504
4505AOT_theorem "block-paradox:4": ¬y F x([F]x  x = y)
4506proof(rule RAA(2))
4507  AOT_assume θ: y F x([F]x  x = y)
4508  AOT_have x (A!x & F (x[F]  z (y([F]y  y = z) & ¬z[F])))
4509    using "A-objects"[axiom_inst] by force
4510  then AOT_obtain a where
4511    a_prop: A!a & F (a[F]  z (y([F]y  y = z) & ¬z[F]))
4512    using "∃E"[rotated] by blast
4513  AOT_obtain F where F_prop: x ([F]x  x = a)
4514    using θ[THEN "∀E"(2)] "∃E"[rotated] by blast
4515  AOT_have ζ: a[F]  z (y ([F]y  y = z) & ¬z[F])
4516    using a_prop[THEN "&E"(2), THEN "∀E"(2)] by blast
4517  AOT_show ¬y F x([F]x  x = y)
4518  proof (rule "∨E"(1)[OF "exc-mid"]; rule "→I")
4519    AOT_assume A: a[F]
4520    AOT_hence z (y ([F]y  y = z) & ¬z[F])
4521      using ζ[THEN "≡E"(1)] by blast
4522    then AOT_obtain b where b_prop: y ([F]y  y = b) & ¬b[F]
4523      using "∃E"[rotated] by blast
4524    moreover AOT_have [F]a
4525      using F_prop[THEN "∀E"(2), THEN "≡E"(2)] "=I"(2) by blast
4526    ultimately AOT_have a = b
4527      using "∀E"(2) "≡E"(1) "&E" by fast
4528    AOT_hence a = b
4529      using "β→C" by blast
4530    AOT_hence b[F]
4531      using A "rule=E" by fast
4532    AOT_thus ¬y F x([F]x  x = y)
4533      using b_prop[THEN "&E"(2)] RAA by blast
4534  next
4535    AOT_assume A: ¬a[F]
4536    AOT_hence ¬z (y ([F]y  y = z) & ¬z[F])
4537      using ζ "oth-class-taut:4:b"[THEN "≡E"(1), THEN "≡E"(1)] by blast
4538    AOT_hence z ¬(y ([F]y  y = z) & ¬z[F])
4539      using "cqt-further:4"[THEN "→E"] by blast
4540    AOT_hence ¬(y ([F]y  y = a) & ¬a[F])
4541      using "∀E" by blast
4542    AOT_hence y ([F]y  y = a)  a[F]
4543      by (metis "&I" "deduction-theorem" "raa-cor:4")
4544    AOT_hence a[F] using F_prop "→E" by blast
4545    AOT_thus ¬y F x([F]x  x = y)
4546      using A RAA by blast
4547  qed
4548qed(simp)
4549
4550AOT_theorem "block-paradox:5": ¬Fxy([F]xy  y = x)
4551proof(rule "raa-cor:2")
4552  AOT_assume Fxy([F]xy  y = x)
4553  then AOT_obtain F where F_prop: xy([F]xy  y = x)
4554    using "∃E"[rotated] by blast
4555  {
4556    fix x
4557    AOT_have 1: y([F]xy  y = x)
4558      using F_prop "∀E" by blast
4559    AOT_have 2: z [F]xz] by "cqt:2"
4560    moreover AOT_have y(z [F]xz]y  y = x)
4561    proof(rule "∀I")
4562      fix y
4563      AOT_have z [F]xz]y  [F]xy
4564        using "beta-C-meta"[THEN "→E"] 2 by fast
4565      also AOT_have ...  y = x
4566        using 1 "∀E" by fast
4567      finally AOT_show z [F]xz]y  y = x.
4568    qed
4569    ultimately AOT_have Fy([F]y  y = x)
4570      using "∃I" by fast
4571  }
4572  AOT_hence xFy([F]y  y = x)
4573    by (rule GEN)
4574  AOT_thus xFy([F]y  y = x) & ¬xFy([F]y  y = x)
4575    using "&I" "block-paradox:4" by blast
4576qed
4577
4578AOT_act_theorem "block-paradox2:1":
4579  x [G]x  ¬x [G]ιy (y = x & H (x[H] & ¬[H]x))]
4580proof(rule "→I"; rule "raa-cor:2")
4581  AOT_assume antecedant: x [G]x
4582  AOT_have Lemma: x ([G]ιy(y = x & H (x[H] & ¬[H]x))  H (x[H] & ¬[H]x))
4583  proof(rule GEN)
4584    fix x
4585    AOT_have A: [G]ιy (y = x & H (x[H] & ¬[H]x)) 
4586                 ∃!y (y = x & H (x[H] & ¬[H]x))
4587    proof(rule "≡I"; rule "→I")
4588      AOT_assume [G]ιy (y = x & H (x[H] & ¬[H]x))
4589      AOT_hence ιy (y = x & H (x[H] & ¬[H]x))
4590        using "cqt:5:a"[axiom_inst, THEN "→E", THEN "&E"(2)] by blast
4591      AOT_thus ∃!y (y = x & H (x[H] & ¬[H]x))
4592        using "!-exists:1"[THEN "≡E"(1)] by blast
4593    next
4594      AOT_assume A: ∃!y (y = x & H (x[H] & ¬[H]x))
4595      AOT_obtain a where a_1: a = x & H (x[H] & ¬[H]x)
4596                     and a_2: z (z = x & H (x[H] & ¬[H]x)  z = a)
4597        using "uniqueness:1"[THEN "≡dfE", OF A] "&E" "∃E"[rotated] by blast
4598      AOT_have a_3: [G]a
4599        using antecedant "∀E" by blast
4600      AOT_show [G]ιy (y = x & H (x[H] & ¬[H]x))
4601        apply (rule "russell-axiom[exe,1].russell-axiom"[THEN "≡E"(2)])
4602        apply (rule "∃I"(2))
4603        using a_1 a_2 a_3 "&I" by blast
4604    qed
4605    also AOT_have B: ...  H (x[H] & ¬[H]x)
4606    proof (rule "≡I"; rule "→I")
4607      AOT_assume A: ∃!y (y = x & H (x[H] & ¬[H]x))
4608      AOT_obtain a where a = x & H (x[H] & ¬[H]x)
4609        using "uniqueness:1"[THEN "≡dfE", OF A] "&E" "∃E"[rotated] by blast
4610      AOT_thus H (x[H] & ¬[H]x) using "&E" by blast
4611    next
4612      AOT_assume H (x[H] & ¬[H]x)
4613      AOT_hence x = x & H (x[H] & ¬[H]x)
4614        using "id-eq:1" "&I" by blast
4615      moreover AOT_have z (z = x & H (x[H] & ¬[H]x)  z = x)
4616        by (simp add: "Conjunction Simplification"(1) "universal-cor")
4617      ultimately AOT_show ∃!y (y = x & H (x[H] & ¬[H]x))
4618        using "uniqueness:1"[THEN "≡dfI"] "&I" "∃I"(2) by fast
4619    qed
4620    finally AOT_show ([G]ιy(y = x & H (x[H] & ¬[H]x))  H (x[H] & ¬[H]x)) .
4621  qed
4622
4623  AOT_assume A: x [G]ιy (y = x & H (x[H] & ¬[H]x))]
4624  AOT_have θ: x (x [G]ιy (y = x & H (x[H] & ¬[H]x))]x 
4625                   [G]ιy(y = x & H (x[H] & ¬[H]x)))
4626    using "beta-C-meta"[THEN "→E", OF A] "∀I" by fast
4627  AOT_have x (x [G]ιy (y = x & H (x[H] & ¬[H]x))]x  H (x[H] & ¬[H]x))
4628    using θ Lemma "cqt-basic:10"[THEN "→E"] "&I" by fast
4629  AOT_hence F x ([F]x  H (x[H] & ¬[H]x))
4630    using "∃I"(1) A by fast
4631  AOT_thus (F x ([F]x  H (x[H] & ¬[H]x))) &
4632            (¬F x ([F]x  H (x[H] & ¬[H]x)))
4633    using "block-paradox:2" "&I" by blast
4634qed
4635
4636AOT_act_theorem "block-paradox2:2":
4637  G ¬x [G]ιy (y = x & H (x[H] & ¬[H]x))]
4638proof(rule "∃I"(1))
4639  AOT_have 0: x p (p p)]
4640    by "cqt:2[lambda]"
4641  moreover AOT_have x x p (p p)]x
4642    apply (rule GEN)
4643    apply (rule "beta-C-cor:2"[THEN "→E", OF 0, THEN "∀E"(2), THEN "≡E"(2)])
4644    using "if-p-then-p" GEN by fast
4645  moreover AOT_have G (x [G]x  ¬x [G]ιy (y = x & H (x[H] & ¬[H]x))])
4646      using "block-paradox2:1" "∀I" by fast
4647  ultimately AOT_show ¬x x p (p p)]ιy (y = x & H (x[H] & ¬[H]x))]
4648    using "∀E"(1) "→E" by blast
4649qed("cqt:2[lambda]")
4650
4651AOT_theorem propositions: p (p  φ)
4652proof(rule "∃I"(1))
4653  AOT_show (φ  φ)
4654    by (simp add: RN "oth-class-taut:3:a")
4655next
4656  AOT_show φ
4657    by (simp add: "log-prop-prop:2")
4658qed
4659
4660AOT_theorem "pos-not-equiv-ne:1":
4661  (¬x1...∀xn ([F]x1...xn  [G]x1...xn))  F  G
4662proof (rule "→I")
4663  AOT_assume ¬x1...∀xn ([F]x1...xn  [G]x1...xn)
4664  AOT_hence ¬x1...∀xn ([F]x1...xn  [G]x1...xn)
4665    using "KBasic:11"[THEN "≡E"(2)] by blast
4666  AOT_hence ¬(F = G)
4667    using "id-rel-nec-equiv:1" "modus-tollens:1" by blast
4668  AOT_thus F  G
4669    using "=-infix"[THEN "≡dfI"] by blast
4670qed
4671
4672AOT_theorem "pos-not-equiv-ne:2": (¬(φ{F}  φ{G}))  F  G
4673proof (rule "→I")
4674  AOT_modally_strict {
4675    AOT_have ¬(φ{F}  φ{G})  ¬(F = G)
4676    proof (rule "→I"; rule "raa-cor:2")
4677      AOT_assume 1: F = G
4678      AOT_hence φ{F}  φ{G}
4679        using "l-identity"[axiom_inst, THEN "→E"] by blast
4680      moreover {
4681        AOT_have G = F
4682          using 1 id_sym by blast
4683        AOT_hence φ{G}  φ{F}
4684          using "l-identity"[axiom_inst, THEN "→E"] by blast
4685      }
4686      ultimately AOT_have φ{F}  φ{G}
4687        using "≡I" by blast
4688      moreover AOT_assume ¬(φ{F}  φ{G})
4689      ultimately AOT_show (φ{F}  φ{G}) & ¬(φ{F}  φ{G})
4690        using "&I" by blast
4691    qed
4692  }
4693  AOT_hence ¬(φ{F}  φ{G})  ¬(F = G)
4694    using "RM:2[prem]" by blast
4695  moreover AOT_assume ¬(φ{F}  φ{G})
4696  ultimately AOT_have 0: ¬(F = G) using "→E" by blast
4697  AOT_have (F  G)
4698    by (AOT_subst F  G ¬(F = G))
4699       (auto simp: "=-infix" "≡Df" 0)
4700  AOT_thus F  G
4701    using "id-nec2:3"[THEN "→E"] by blast
4702qed
4703
4704AOT_theorem "pos-not-equiv-ne:2[zero]": (¬(φ{p}  φ{q}))  p  q
4705proof (rule "→I")
4706  AOT_modally_strict {
4707    AOT_have ¬(φ{p}  φ{q})  ¬(p = q)
4708    proof (rule "→I"; rule "raa-cor:2")
4709      AOT_assume 1: p = q
4710      AOT_hence φ{p}  φ{q}
4711        using "l-identity"[axiom_inst, THEN "→E"] by blast
4712      moreover {
4713        AOT_have q = p
4714          using 1 id_sym by blast
4715        AOT_hence φ{q}  φ{p}
4716          using "l-identity"[axiom_inst, THEN "→E"] by blast
4717      }
4718      ultimately AOT_have φ{p}  φ{q}
4719        using "≡I" by blast
4720      moreover AOT_assume ¬(φ{p}  φ{q})
4721      ultimately AOT_show (φ{p}  φ{q}) & ¬(φ{p}  φ{q})
4722        using "&I" by blast
4723    qed
4724  }
4725  AOT_hence ¬(φ{p}  φ{q})  ¬(p = q)
4726    using "RM:2[prem]" by blast
4727  moreover AOT_assume ¬(φ{p}  φ{q})
4728  ultimately AOT_have 0: ¬(p = q) using "→E" by blast
4729  AOT_have (p  q)
4730    by (AOT_subst p  q ¬(p = q))
4731       (auto simp: 0 "=-infix" "≡Df")
4732  AOT_thus p  q
4733    using "id-nec2:3"[THEN "→E"] by blast
4734qed
4735
4736AOT_theorem "pos-not-equiv-ne:3":
4737  (¬x1...∀xn ([F]x1...xn  [G]x1...xn))  F  G
4738  using "→I" "pos-not-equiv-ne:1"[THEN "→E"] "T◇"[THEN "→E"] by blast
4739
4740AOT_theorem "pos-not-equiv-ne:4": (¬(φ{F}  φ{G}))  F  G
4741  using "→I" "pos-not-equiv-ne:2"[THEN "→E"] "T◇"[THEN "→E"] by blast
4742
4743AOT_theorem "pos-not-equiv-ne:4[zero]": (¬(φ{p}  φ{q}))  p  q
4744  using "→I" "pos-not-equiv-ne:2[zero]"[THEN "→E"]
4745        "T◇"[THEN "→E"] by blast
4746
4747AOT_define relation_negation ::  Π" ("_-")
4748  "df-relation-negation": "[F]- =df x1...xn ¬[F]x1...xn]"
4749
4750nonterminal φneg
4751syntax "" :: "φneg  τ" ("_")
4752syntax "" :: "φneg  φ" ("'(_')")
4753
4754AOT_define relation_negation_0 :: ‹φ  φneg› ("'(_')-")
4755  "df-relation-negation[zero]": "(p)- =df  ¬p]"
4756
4757AOT_theorem "rel-neg-T:1": x1...xn ¬[Π]x1...xn]
4758  by "cqt:2[lambda]"
4759
4760AOT_theorem "rel-neg-T:1[zero]":  ¬φ]
4761  using "cqt:2[lambda0]"[axiom_inst] by blast
4762
4763AOT_theorem "rel-neg-T:2": [Π]- = x1...xn ¬[Π]x1...xn]
4764  using "=I"(1)[OF "rel-neg-T:1"]
4765  by (rule "=dfI"(1)[OF "df-relation-negation", OF "rel-neg-T:1"])
4766
4767AOT_theorem "rel-neg-T:2[zero]": (φ)- =  ¬φ]
4768  using "=I"(1)[OF "rel-neg-T:1[zero]"]
4769  by (rule "=dfI"(1)[OF "df-relation-negation[zero]", OF "rel-neg-T:1[zero]"])
4770
4771AOT_theorem "rel-neg-T:3": [Π]-
4772  using "=dfI"(1)[OF "df-relation-negation", OF "rel-neg-T:1"]
4773        "rel-neg-T:1" by blast
4774
4775AOT_theorem "rel-neg-T:3[zero]": (φ)-
4776  using "log-prop-prop:2" by blast
4777
4778(* Note: PLM states the zero place case twice *)
4779AOT_theorem "thm-relation-negation:1": [F]-x1...xn  ¬[F]x1...xn
4780proof -
4781  AOT_have [F]-x1...xn  x1...xn ¬[F]x1...xn]x1...xn
4782    using "rule=E"[rotated, OF "rel-neg-T:2"]
4783          "rule=E"[rotated, OF "rel-neg-T:2"[THEN id_sym]]
4784          "→I" "≡I" by fast
4785  also AOT_have ...  ¬[F]x1...xn
4786    using "beta-C-meta"[THEN "→E", OF "rel-neg-T:1"] by fast
4787  finally show ?thesis.
4788qed
4789
4790AOT_theorem "thm-relation-negation:2": ¬[F]-x1...xn  [F]x1...xn
4791  apply (AOT_subst [F]x1...xn ¬¬[F]x1...xn)
4792   apply (simp add: "oth-class-taut:3:b")
4793  apply (rule "oth-class-taut:4:b"[THEN "≡E"(1)])
4794  using "thm-relation-negation:1".
4795
4796AOT_theorem "thm-relation-negation:3": ((p)-)  ¬p
4797proof -
4798  AOT_have (p)- =  ¬p] using "rel-neg-T:2[zero]" by blast
4799  AOT_hence ((p)-)   ¬p]
4800    using "df-relation-negation[zero]" "log-prop-prop:2"
4801          "oth-class-taut:3:a" "rule-id-df:2:a" by blast
4802  also AOT_have  ¬p]  ¬p
4803    by (simp add: "propositions-lemma:2")
4804  finally show ?thesis.
4805qed
4806
4807AOT_theorem "thm-relation-negation:4": (¬((p)-))  p
4808  using "thm-relation-negation:3"[THEN "≡E"(1)]
4809        "thm-relation-negation:3"[THEN "≡E"(2)]
4810        "≡I" "→I" RAA by metis
4811
4812AOT_theorem "thm-relation-negation:5": [F]  [F]-
4813proof -
4814  AOT_have ¬([F] = [F]-)
4815  proof (rule RAA(2))
4816    AOT_show [F]x1...xn  [F]x1...xn for x1xn
4817      using "if-p-then-p".
4818  next
4819    AOT_assume [F] = [F]-
4820    AOT_hence [F]- = [F] using id_sym by blast
4821    AOT_hence [F]x1...xn  ¬[F]x1...xn for x1xn
4822      using "rule=E" "thm-relation-negation:1" by fast
4823    AOT_thus ¬([F]x1...xn  [F]x1...xn) for x1xn
4824      using "≡E" RAA by metis
4825  qed
4826  thus ?thesis
4827    using "≡dfI" "=-infix" by blast
4828qed
4829
4830AOT_theorem "thm-relation-negation:6": p  (p)-
4831proof -
4832  AOT_have ¬(p = (p)-)
4833  proof (rule RAA(2))
4834    AOT_show p  p
4835      using "if-p-then-p".
4836  next
4837    AOT_assume p = (p)-
4838    AOT_hence (p)- = p using id_sym by blast
4839    AOT_hence p  ¬p
4840      using "rule=E" "thm-relation-negation:3" by fast
4841    AOT_thus ¬(p  p)
4842      using "≡E" RAA by metis
4843  qed
4844  thus ?thesis
4845    using "≡dfI" "=-infix" by blast
4846qed
4847
4848AOT_theorem "thm-relation-negation:7": (p)- = (¬p)
4849  apply (rule "df-relation-negation[zero]"[THEN "=dfE"(1)])
4850  using "cqt:2[lambda0]"[axiom_inst] "rel-neg-T:2[zero]"
4851        "propositions-lemma:1" id_trans by blast+
4852
4853AOT_theorem "thm-relation-negation:8": p = q  (¬p) = (¬q)
4854proof(rule "→I")
4855  AOT_assume p = q
4856  moreover AOT_have (¬p) using "log-prop-prop:2".
4857  moreover AOT_have (¬p) = (¬p) using calculation(2) "=I" by blast
4858  ultimately AOT_show (¬p) = (¬q)
4859    using "rule=E" by fast
4860qed
4861
4862AOT_theorem "thm-relation-negation:9": p = q  (p)- = (q)-
4863proof(rule "→I")
4864  AOT_assume p = q
4865  AOT_hence (¬p) = (¬q) using "thm-relation-negation:8" "→E" by blast
4866  AOT_thus (p)- = (q)-
4867    using "thm-relation-negation:7" id_sym id_trans by metis
4868qed
4869
4870AOT_define Necessary :: ‹Π  φ› ("Necessary'(_')")
4871  "contingent-properties:1":
4872  Necessary([F]) df x1...∀xn [F]x1...xn
4873
4874AOT_define Necessary0 :: ‹φ  φ› ("Necessary0'(_')")
4875  "contingent-properties:1[zero]":
4876  Necessary0(p) df p
4877
4878AOT_define Impossible :: ‹Π  φ› ("Impossible'(_')")
4879  "contingent-properties:2":
4880  Impossible([F]) df F & x1...∀xn ¬[F]x1...xn
4881
4882AOT_define Impossible0 :: ‹φ  φ› ("Impossible0'(_')")
4883  "contingent-properties:2[zero]":
4884  Impossible0(p) df ¬p
4885
4886AOT_define NonContingent :: ‹Π  φ› ("NonContingent'(_')")
4887  "contingent-properties:3":
4888  NonContingent([F]) df Necessary([F])  Impossible([F])
4889
4890AOT_define NonContingent0 :: ‹φ  φ› ("NonContingent0'(_')")
4891  "contingent-properties:3[zero]":
4892  NonContingent0(p) df Necessary0(p)  Impossible0(p)
4893
4894AOT_define Contingent :: ‹Π  φ› ("Contingent'(_')")
4895  "contingent-properties:4":
4896  Contingent([F]) df F & ¬(Necessary([F])  Impossible([F]))
4897
4898AOT_define Contingent0 :: ‹φ  φ› ("Contingent0'(_')")
4899  "contingent-properties:4[zero]":
4900  Contingent0(p) df ¬(Necessary0(p)  Impossible0(p))
4901
4902
4903AOT_theorem "thm-cont-prop:1": NonContingent([F])  NonContingent([F]-)
4904proof (rule "≡I"; rule "→I")
4905  AOT_assume NonContingent([F])
4906  AOT_hence Necessary([F])  Impossible([F])
4907    using "≡dfE"[OF "contingent-properties:3"] by blast
4908  moreover {
4909    AOT_assume Necessary([F])
4910    AOT_hence (x1...∀xn [F]x1...xn)
4911      using "≡dfE"[OF "contingent-properties:1"] by blast
4912    moreover AOT_modally_strict {
4913      AOT_assume x1...∀xn [F]x1...xn
4914      AOT_hence [F]x1...xn for x1xn using "∀E" by blast
4915      AOT_hence ¬[F]-x1...xn for x1xn
4916        by (meson "≡E"(6) "oth-class-taut:3:a"
4917                  "thm-relation-negation:2" "≡E"(1))
4918      AOT_hence x1...∀xn ¬[F]-x1...xn using "∀I" by fast
4919    }
4920    ultimately AOT_have (x1...∀xn ¬[F]-x1...xn)
4921      using "RN[prem]"[where Γ="{«x1...∀xn [F]x1...xn»}", simplified] by blast
4922    AOT_hence Impossible([F]-)
4923      using "≡Df"[OF "contingent-properties:2", THEN "≡S"(1),
4924                  OF "rel-neg-T:3", THEN "≡E"(2)]
4925      by blast
4926  }
4927  moreover {
4928    AOT_assume Impossible([F])
4929    AOT_hence (x1...∀xn ¬[F]x1...xn)
4930      using "≡Df"[OF "contingent-properties:2", THEN "≡S"(1),
4931                  OF "cqt:2[const_var]"[axiom_inst], THEN "≡E"(1)]
4932      by blast
4933    moreover AOT_modally_strict {
4934      AOT_assume x1...∀xn ¬[F]x1...xn
4935      AOT_hence ¬[F]x1...xn for x1xn using "∀E" by blast
4936      AOT_hence [F]-x1...xn for x1xn
4937        by (meson "≡E"(6) "oth-class-taut:3:a"
4938                  "thm-relation-negation:1" "≡E"(1))
4939      AOT_hence x1...∀xn [F]-x1...xn using "∀I" by fast
4940    }
4941    ultimately AOT_have (x1...∀xn [F]-x1...xn)
4942      using "RN[prem]"[where Γ="{«x1...∀xn ¬[F]x1...xn»}"] by blast
4943    AOT_hence Necessary([F]-)
4944      using "≡dfI"[OF "contingent-properties:1"] by blast
4945  }
4946  ultimately AOT_have Necessary([F]-)  Impossible([F]-)
4947    using "∨E"(1) "∨I" "→I" by metis
4948  AOT_thus NonContingent([F]-)
4949    using "≡dfI"[OF "contingent-properties:3"] by blast
4950next
4951  AOT_assume NonContingent([F]-)
4952  AOT_hence Necessary([F]-)  Impossible([F]-)
4953    using "≡dfE"[OF "contingent-properties:3"] by blast
4954  moreover {
4955    AOT_assume Necessary([F]-)
4956    AOT_hence (x1...∀xn [F]-x1...xn)
4957      using "≡dfE"[OF "contingent-properties:1"] by blast
4958    moreover AOT_modally_strict {
4959      AOT_assume x1...∀xn [F]-x1...xn
4960      AOT_hence [F]-x1...xn for x1xn using "∀E" by blast
4961      AOT_hence ¬[F]x1...xn for x1xn
4962        by (meson "≡E"(6) "oth-class-taut:3:a"
4963                  "thm-relation-negation:1" "≡E"(2))
4964      AOT_hence x1...∀xn ¬[F]x1...xn using "∀I" by fast
4965    }
4966    ultimately AOT_have x1...∀xn ¬[F]x1...xn
4967      using "RN[prem]"[where Γ="{«x1...∀xn [F]-x1...xn»}"] by blast
4968    AOT_hence Impossible([F])
4969      using "≡Df"[OF "contingent-properties:2", THEN "≡S"(1),
4970                  OF "cqt:2[const_var]"[axiom_inst], THEN "≡E"(2)]
4971      by blast
4972  }
4973  moreover {
4974    AOT_assume Impossible([F]-)
4975    AOT_hence (x1...∀xn ¬[F]-x1...xn)
4976      using "≡Df"[OF "contingent-properties:2", THEN "≡S"(1),
4977                  OF "rel-neg-T:3", THEN "≡E"(1)]
4978      by blast
4979    moreover AOT_modally_strict {
4980      AOT_assume x1...∀xn ¬[F]-x1...xn
4981      AOT_hence ¬[F]-x1...xn for x1xn using "∀E" by blast
4982      AOT_hence [F]x1...xn for x1xn 
4983        using "thm-relation-negation:1"[THEN
4984                "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(1)]
4985              "useful-tautologies:1"[THEN "→E"] by blast
4986      AOT_hence x1...∀xn [F]x1...xn using "∀I" by fast
4987    }
4988    ultimately AOT_have (x1...∀xn [F]x1...xn)
4989      using "RN[prem]"[where Γ="{«x1...∀xn ¬[F]-x1...xn»}"] by blast
4990    AOT_hence Necessary([F])
4991      using "≡dfI"[OF "contingent-properties:1"] by blast
4992  }
4993  ultimately AOT_have Necessary([F])  Impossible([F])
4994    using "∨E"(1) "∨I" "→I" by metis
4995  AOT_thus NonContingent([F])
4996    using "≡dfI"[OF "contingent-properties:3"] by blast
4997qed
4998
4999AOT_theorem "thm-cont-prop:2": Contingent([F])  x [F]x & x ¬[F]x
5000proof -
5001  AOT_have Contingent([F])  ¬(Necessary([F])  Impossible([F]))
5002    using "contingent-properties:4"[THEN "≡Df", THEN "≡S"(1),
5003                                    OF "cqt:2[const_var]"[axiom_inst]]
5004    by blast
5005  also AOT_have ...  ¬Necessary([F]) & ¬Impossible([F])
5006    using "oth-class-taut:5:d" by fastforce
5007  also AOT_have ...  ¬Impossible([F]) & ¬Necessary([F])
5008    by (simp add: "Commutativity of &")
5009  also AOT_have ...  x [F]x & ¬Necessary([F])
5010  proof (rule "oth-class-taut:4:e"[THEN "→E"])
5011    AOT_have ¬Impossible([F])  ¬¬ x [F]x
5012      apply (rule "oth-class-taut:4:b"[THEN "≡E"(1)])
5013      apply (AOT_subst x [F]x ¬ x ¬[F]x)
5014       apply (simp add: "conventions:4" "≡Df")
5015      apply (AOT_subst (reverse) ¬¬x ¬[F]x x ¬[F]x)
5016       apply (simp add: "oth-class-taut:3:b")
5017      using "contingent-properties:2"[THEN "≡Df", THEN "≡S"(1),
5018                                      OF "cqt:2[const_var]"[axiom_inst]]
5019      by blast
5020    also AOT_have ...  x [F]x
5021      using "conventions:5"[THEN "≡Df", symmetric] by blast
5022    finally AOT_show ¬Impossible([F])  x [F]x .
5023  qed
5024  also AOT_have ...  x [F]x & x ¬[F]x
5025  proof (rule "oth-class-taut:4:f"[THEN "→E"])
5026    AOT_have ¬Necessary([F])  ¬¬x ¬[F]x
5027      apply (rule "oth-class-taut:4:b"[THEN "≡E"(1)])
5028      apply (AOT_subst x ¬[F]x ¬ x ¬¬[F]x)
5029       apply (simp add: "conventions:4" "≡Df")
5030      apply (AOT_subst (reverse) ¬¬[F]x [F]x for: x)
5031       apply (simp add: "oth-class-taut:3:b")
5032      apply (AOT_subst (reverse) ¬¬x [F]x x [F]x)
5033      by (auto simp: "oth-class-taut:3:b" "contingent-properties:1" "≡Df")
5034    also AOT_have ...  x ¬[F]x
5035      using "conventions:5"[THEN "≡Df", symmetric] by blast
5036    finally AOT_show ¬Necessary([F])  x ¬[F]x.
5037  qed
5038  finally show ?thesis.
5039qed
5040
5041AOT_theorem "thm-cont-prop:3":
5042  Contingent([F])  Contingent([F]-) for F::<κ> AOT_var›
5043proof -
5044  {
5045    fix Π :: <κ>
5046    AOT_assume Π
5047    moreover AOT_have F (Contingent([F])  x [F]x & x ¬[F]x)
5048      using "thm-cont-prop:2" GEN by fast
5049    ultimately  AOT_have Contingent([Π])  x [Π]x & x ¬[Π]x
5050      using "thm-cont-prop:2" "∀E" by fast
5051  } note 1 = this
5052  AOT_have Contingent([F])  x [F]x & x ¬[F]x
5053    using "thm-cont-prop:2" by blast
5054  also AOT_have ...  x ¬[F]x & x [F]x
5055    by (simp add: "Commutativity of &")
5056  also AOT_have ...  x [F]-x & x [F]x
5057    by (AOT_subst [F]-x ¬[F]x for: x)
5058       (auto simp: "thm-relation-negation:1" "oth-class-taut:3:a")
5059  also AOT_have ...  x [F]-x & x ¬[F]-x
5060    by (AOT_subst (reverse) [F]x ¬[F]-x for: x)
5061       (auto simp: "thm-relation-negation:2" "oth-class-taut:3:a")
5062  also AOT_have ...  Contingent([F]-)
5063    using 1[OF "rel-neg-T:3", symmetric] by blast
5064  finally show ?thesis.
5065qed
5066
5067AOT_define concrete_if_concrete :: ‹Π› ("L")
5068  L_def: L =df x E!x  E!x]
5069
5070AOT_theorem "thm-noncont-e-e:1": Necessary(L)
5071proof -
5072  AOT_modally_strict {
5073    fix x
5074    AOT_have x E!x  E!x] by "cqt:2[lambda]"
5075    moreover AOT_have x using "cqt:2[const_var]"[axiom_inst] by blast
5076    moreover AOT_have E!x  E!x using "if-p-then-p" by blast
5077    ultimately AOT_have x E!x  E!x]x
5078      using "β←C" by blast
5079  }
5080  AOT_hence 0: x x E!x  E!x]x
5081    using RN GEN by blast
5082  show ?thesis
5083    apply (rule "=dfI"(2)[OF L_def])
5084     apply "cqt:2[lambda]"
5085    by (rule "contingent-properties:1"[THEN "≡dfI", OF 0])
5086qed
5087
5088AOT_theorem "thm-noncont-e-e:2": Impossible([L]-)
5089proof -
5090  AOT_modally_strict {
5091    fix x
5092
5093    AOT_have 0: F (¬[F]-x  [F]x)
5094      using "thm-relation-negation:2" GEN by fast
5095    AOT_have ¬x E!x  E!x]-x  x E!x  E!x]x
5096      by (rule 0[THEN "∀E"(1)]) "cqt:2[lambda]"
5097    moreover {
5098      AOT_have x E!x  E!x] by "cqt:2[lambda]"
5099      moreover AOT_have x using "cqt:2[const_var]"[axiom_inst] by blast
5100      moreover AOT_have E!x  E!x using "if-p-then-p" by blast
5101      ultimately AOT_have x E!x  E!x]x
5102        using "β←C" by blast
5103    }
5104    ultimately AOT_have ¬x E!x  E!x]-x
5105      using "≡E" by blast
5106  }
5107  AOT_hence 0: x ¬x E!x  E!x]-x
5108    using RN GEN by fast
5109  show ?thesis
5110    apply (rule "=dfI"(2)[OF L_def])
5111     apply "cqt:2[lambda]"
5112    apply (rule "contingent-properties:2"[THEN "≡dfI"]; rule "&I")
5113     using "rel-neg-T:3"
5114     apply blast
5115    using 0
5116    by blast
5117qed
5118
5119AOT_theorem "thm-noncont-e-e:3": NonContingent(L)
5120  using "thm-noncont-e-e:1"
5121  by (rule "contingent-properties:3"[THEN "≡dfI", OF "∨I"(1)])
5122
5123AOT_theorem "thm-noncont-e-e:4": NonContingent([L]-)
5124proof -
5125  AOT_have 0: F (NonContingent([F])  NonContingent([F]-))
5126    using "thm-cont-prop:1" "∀I" by fast
5127  moreover AOT_have 1: L
5128    by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
5129  AOT_show NonContingent([L]-)
5130    using "∀E"(1)[OF 0, OF 1, THEN "≡E"(1), OF "thm-noncont-e-e:3"] by blast
5131qed
5132
5133AOT_theorem "thm-noncont-e-e:5":
5134  F G (F  «G::<κ>» & NonContingent([F]) & NonContingent([G]))
5135proof (rule "∃I")+
5136  {
5137    AOT_have F [F]  [F]-
5138      using "thm-relation-negation:5" GEN by fast
5139    moreover AOT_have L
5140      by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
5141    ultimately AOT_have L  [L]-
5142      using "∀E" by blast
5143  }
5144  AOT_thus L  [L]- & NonContingent(L) & NonContingent([L]-)
5145    using "thm-noncont-e-e:3" "thm-noncont-e-e:4" "&I" by metis
5146next
5147  AOT_show [L]-
5148    using "rel-neg-T:3" by blast
5149next
5150  AOT_show L
5151      by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
5152qed
5153
5154AOT_theorem "lem-cont-e:1": x ([F]x & ¬[F]x)  x (¬[F]x & [F]x)
5155proof -
5156  AOT_have x ([F]x & ¬[F]x)  x ([F]x & ¬[F]x)
5157    using "BF◇" "CBF◇" "≡I" by blast
5158  also AOT_have   x ([F]x &  ¬[F]x)
5159    by (AOT_subst ([F]x & ¬[F]x) [F]x &  ¬[F]x for: x)
5160       (auto simp: "S5Basic:11" "cqt-further:7")
5161  also AOT_have   x (¬[F]x & [F]x)
5162    by (AOT_subst ¬[F]x & [F]x  [F]x & ¬[F]x for: x)
5163       (auto simp: "Commutativity of &" "cqt-further:7")
5164  also AOT_have   x (¬[F]x & [F]x)
5165    by (AOT_subst (¬[F]x & [F]x) ¬[F]x & [F]x for: x)
5166       (auto simp: "S5Basic:11" "oth-class-taut:3:a")
5167  also AOT_have   x (¬[F]x & [F]x)
5168    using "BF◇" "CBF◇" "≡I" by fast
5169  finally show ?thesis.
5170qed
5171
5172AOT_theorem "lem-cont-e:2":
5173  x ([F]x & ¬[F]x)  x ([F]-x & ¬[F]-x)
5174proof -
5175  AOT_have x ([F]x & ¬[F]x)  x (¬[F]x & [F]x)
5176    using "lem-cont-e:1".
5177  also AOT_have   x ([F]-x & ¬[F]-x)
5178    apply (AOT_subst ¬[F]-x [F]x for: x)
5179     apply (simp add: "thm-relation-negation:2")
5180    apply (AOT_subst [F]-x ¬[F]x for: x)
5181     apply (simp add: "thm-relation-negation:1")
5182    by (simp add: "oth-class-taut:3:a")
5183  finally show ?thesis.
5184qed
5185
5186AOT_theorem "thm-cont-e:1": x (E!x & ¬E!x)
5187proof (rule "CBF◇"[THEN "→E"])
5188  AOT_have x (E!x & ¬𝒜E!x)
5189    using "qml:4"[axiom_inst] "BF◇"[THEN "→E"] by blast
5190  then AOT_obtain a where (E!a & ¬𝒜E!a)
5191    using "∃E"[rotated] by blast
5192  AOT_hence θ: E!a & ¬𝒜E!a
5193    using "KBasic2:3"[THEN "→E"] by blast
5194  AOT_have ξ: E!a & 𝒜¬E!a
5195    by (AOT_subst  𝒜¬E!a ¬𝒜E!a)
5196       (auto simp: "logic-actual-nec:1"[axiom_inst] θ)
5197  AOT_have ζ: E!a & 𝒜¬E!a
5198    by (AOT_subst 𝒜¬E!a 𝒜¬E!a)
5199       (auto simp add: "Act-Sub:4" ξ)
5200  AOT_hence E!a & ¬E!a
5201    using "&E" "&I" "Act-Sub:3"[THEN "→E"] by blast
5202  AOT_hence (E!a & ¬E!a)
5203    using "S5Basic:11"[THEN "≡E"(2)] by simp
5204  AOT_thus x (E!x & ¬E!x)
5205    using "∃I"(2) by fast
5206qed
5207
5208AOT_theorem "thm-cont-e:2": x (¬E!x & E!x)
5209proof -
5210  AOT_have F (x ([F]x & ¬[F]x)  x (¬[F]x & [F]x))
5211    using "lem-cont-e:1" GEN by fast
5212  AOT_hence (x (E!x & ¬E!x)  x (¬E!x & E!x))
5213    using "∀E"(1) "cqt:2[concrete]"[axiom_inst] by blast
5214  thus ?thesis using "thm-cont-e:1" "≡E" by blast
5215qed
5216
5217AOT_theorem "thm-cont-e:3": x E!x
5218proof (rule "CBF◇"[THEN "→E"])
5219  AOT_obtain a where (E!a & ¬E!a)
5220    using "∃E"[rotated, OF "thm-cont-e:1"[THEN "BF◇"[THEN "→E"]]] by blast
5221  AOT_hence E!a
5222    using "KBasic2:3"[THEN "→E", THEN "&E"(1)] by blast
5223  AOT_thus x E!x using "∃I" by fast
5224qed
5225
5226AOT_theorem "thm-cont-e:4": x ¬E!x
5227proof (rule "CBF◇"[THEN "→E"])
5228  AOT_obtain a where (E!a & ¬E!a)
5229    using "∃E"[rotated, OF "thm-cont-e:1"[THEN "BF◇"[THEN "→E"]]] by blast
5230  AOT_hence ¬E!a
5231    using "KBasic2:3"[THEN "→E", THEN "&E"(2)] by blast
5232  AOT_hence ¬E!a
5233    using "4◇"[THEN "→E"] by blast
5234  AOT_thus x ¬E!x using "∃I" by fast
5235qed
5236
5237AOT_theorem "thm-cont-e:5": Contingent([E!])
5238proof -
5239  AOT_have F (Contingent([F])  x [F]x & x ¬[F]x)
5240    using "thm-cont-prop:2" GEN by fast
5241  AOT_hence Contingent([E!])  x E!x & x ¬E!x
5242    using "∀E"(1) "cqt:2[concrete]"[axiom_inst] by blast
5243  thus ?thesis
5244    using "thm-cont-e:3" "thm-cont-e:4" "≡E"(2) "&I" by blast
5245qed
5246
5247AOT_theorem "thm-cont-e:6": Contingent([E!]-)
5248proof -
5249  AOT_have F (Contingent([«F::<κ>»])  Contingent([F]-))
5250    using "thm-cont-prop:3" GEN by fast
5251  AOT_hence Contingent([E!])  Contingent([E!]-)
5252    using "∀E" "cqt:2[concrete]"[axiom_inst] by fast
5253  thus ?thesis using "thm-cont-e:5" "≡E" by blast
5254qed
5255
5256AOT_theorem "thm-cont-e:7":
5257  FG (Contingent([«F::<κ>»]) & Contingent([G]) & F  G)
5258proof (rule "∃I")+
5259  AOT_have F [«F::<κ>»]  [F]-
5260    using "thm-relation-negation:5" GEN by fast
5261  AOT_hence [E!]  [E!]-
5262    using "∀E" "cqt:2[concrete]"[axiom_inst] by fast
5263  AOT_thus Contingent([E!]) & Contingent([E!]-) & [E!]  [E!]-
5264    using "thm-cont-e:5" "thm-cont-e:6" "&I" by metis
5265next
5266  AOT_show E!-
5267    by (fact AOT)
5268next
5269  AOT_show E! by (fact "cqt:2[concrete]"[axiom_inst])
5270qed
5271
5272AOT_theorem "property-facts:1":
5273  NonContingent([F])  ¬G (Contingent([G]) & G = F)
5274proof (rule "→I"; rule "raa-cor:2")
5275  AOT_assume NonContingent([F])
5276  AOT_hence 1: Necessary([F])  Impossible([F])
5277    using "contingent-properties:3"[THEN "≡dfE"] by blast
5278  AOT_assume G (Contingent([G]) & G = F)
5279  then AOT_obtain G where Contingent([G]) & G = F
5280    using "∃E"[rotated] by blast
5281  AOT_hence Contingent([F]) using "rule=E" "&E" by blast
5282  AOT_hence ¬(Necessary([F])  Impossible([F]))
5283    using "contingent-properties:4"[THEN "≡Df", THEN "≡S"(1),
5284            OF "cqt:2[const_var]"[axiom_inst], THEN "≡E"(1)] by blast
5285  AOT_thus (Necessary([F])  Impossible([F])) &
5286            ¬(Necessary([F])  Impossible([F]))
5287    using 1 "&I" by blast
5288qed
5289
5290AOT_theorem "property-facts:2":
5291  Contingent([F])  ¬G (NonContingent([G]) & G = F)
5292proof (rule "→I"; rule "raa-cor:2")
5293  AOT_assume Contingent([F])
5294  AOT_hence 1: ¬(Necessary([F])  Impossible([F]))
5295    using "contingent-properties:4"[THEN "≡Df", THEN "≡S"(1),
5296            OF "cqt:2[const_var]"[axiom_inst], THEN "≡E"(1)] by blast
5297  AOT_assume G (NonContingent([G]) & G = F)
5298  then AOT_obtain G where NonContingent([G]) & G = F
5299    using "∃E"[rotated] by blast
5300  AOT_hence NonContingent([F])
5301    using "rule=E" "&E" by blast
5302  AOT_hence Necessary([F])  Impossible([F])
5303    using "contingent-properties:3"[THEN "≡dfE"] by blast
5304  AOT_thus (Necessary([F])  Impossible([F])) &
5305            ¬(Necessary([F])  Impossible([F]))
5306    using 1 "&I" by blast
5307qed
5308
5309AOT_theorem "property-facts:3":
5310  L  [L]- & L  E! & L  E!- & [L]-  [E!]- & E!  [E!]-
5311proof -
5312  AOT_have noneqI: Π  Π' if φ{Π} and ¬φ{Π'} for φ and Π Π' :: <κ>
5313    apply (rule "=-infix"[THEN "≡dfI"]; rule "raa-cor:2")
5314    using "rule=E"[where φ=φ and τ=Π and σ = Π'] that "&I" by blast
5315  AOT_have contingent_denotes: Π if Contingent([Π]) for Π :: <κ>
5316    using that "contingent-properties:4"[THEN "≡dfE", THEN "&E"(1)] by blast
5317  AOT_have not_noncontingent_if_contingent:
5318    ¬NonContingent([Π]) if Contingent([Π]) for Π :: <κ>
5319  proof(rule RAA(2))
5320    AOT_show ¬(Necessary([Π])  Impossible([Π]))
5321      using that "contingent-properties:4"[THEN "≡Df", THEN "≡S"(1),
5322                    OF contingent_denotes[OF that], THEN "≡E"(1)]
5323      by blast
5324  next
5325    AOT_assume NonContingent([Π])
5326    AOT_thus Necessary([Π])  Impossible([Π])
5327      using "contingent-properties:3"[THEN "≡dfE"] by blast
5328  qed
5329
5330  show ?thesis
5331  proof (safe intro!: "&I")
5332    AOT_show L  [L]-
5333      apply (rule "=dfI"(2)[OF L_def])
5334       apply "cqt:2[lambda]"
5335      apply (rule "∀E"(1)[where φ="λ Π . «Π  [Π]-»"])
5336       apply (rule GEN) apply (fact AOT)
5337      by "cqt:2[lambda]"
5338  next
5339    AOT_show L  E!
5340      apply (rule noneqI)
5341      using "thm-noncont-e-e:3"
5342            not_noncontingent_if_contingent[OF "thm-cont-e:5"]
5343      by auto
5344  next
5345    AOT_show L  E!-
5346      apply (rule noneqI)
5347      using "thm-noncont-e-e:3" apply fast
5348      apply (rule not_noncontingent_if_contingent)
5349      apply (rule "∀E"(1)[
5350            where φ="λ Π . «Contingent([Π])  Contingent([Π]-)»",
5351            rotated, OF contingent_denotes, THEN "≡E"(1), rotated])
5352      using "thm-cont-prop:3" GEN apply fast
5353      using "thm-cont-e:5" by fast+
5354  next
5355    AOT_show [L]-  E!-
5356      apply (rule noneqI)
5357      using "thm-noncont-e-e:4" apply fast
5358      apply (rule not_noncontingent_if_contingent)
5359      apply (rule "∀E"(1)[
5360            where φ="λ Π . «Contingent([Π])  Contingent([Π]-)»",
5361            rotated, OF contingent_denotes, THEN "≡E"(1), rotated])
5362      using "thm-cont-prop:3" GEN apply fast
5363      using "thm-cont-e:5" by fast+
5364  next
5365    AOT_show E!  E!-
5366      apply (rule "=dfI"(2)[OF L_def])
5367       apply "cqt:2[lambda]"
5368      apply (rule "∀E"(1)[where φ="λ Π . «Π  [Π]-»"])
5369       apply (rule GEN) apply (fact AOT)
5370      by (fact "cqt:2[concrete]"[axiom_inst])
5371  qed
5372qed
5373
5374AOT_theorem "thm-cont-propos:1":
5375  NonContingent0(p)  NonContingent0(((p)-))
5376proof(rule "≡I"; rule "→I")
5377  AOT_assume NonContingent0(p)
5378  AOT_hence Necessary0(p)  Impossible0(p)
5379    using "contingent-properties:3[zero]"[THEN "≡dfE"] by blast
5380  moreover {
5381    AOT_assume Necessary0(p)
5382    AOT_hence 1: p
5383      using "contingent-properties:1[zero]"[THEN "≡dfE"] by blast
5384    AOT_have ¬((p)-)
5385      by (AOT_subst ¬((p)-) p)
5386         (auto simp add: 1 "thm-relation-negation:4")
5387    AOT_hence Impossible0(((p)-))
5388      by (rule "contingent-properties:2[zero]"[THEN "≡dfI"])
5389  }
5390  moreover {
5391    AOT_assume Impossible0(p)
5392    AOT_hence 1: ¬p
5393      by (rule "contingent-properties:2[zero]"[THEN "≡dfE"])
5394    AOT_have ((p)-)
5395      by (AOT_subst ((p)-) ¬p) 
5396         (auto simp: 1 "thm-relation-negation:3")
5397    AOT_hence Necessary0(((p)-))
5398      by (rule "contingent-properties:1[zero]"[THEN "≡dfI"])
5399  }
5400  ultimately AOT_have Necessary0(((p)-))  Impossible0(((p)-))
5401    using "∨E"(1) "∨I" "→I" by metis
5402  AOT_thus NonContingent0(((p)-))
5403    using "contingent-properties:3[zero]"[THEN "≡dfI"] by blast
5404next
5405  AOT_assume NonContingent0(((p)-))
5406  AOT_hence Necessary0(((p)-))  Impossible0(((p)-))
5407    using "contingent-properties:3[zero]"[THEN "≡dfE"] by blast
5408  moreover {
5409    AOT_assume Impossible0(((p)-))
5410    AOT_hence 1: ¬((p)-)
5411      by (rule "contingent-properties:2[zero]"[THEN "≡dfE"])
5412    AOT_have p
5413      by (AOT_subst (reverse) p ¬((p)-))
5414         (auto simp: 1 "thm-relation-negation:4")
5415    AOT_hence Necessary0(p)
5416      using "contingent-properties:1[zero]"[THEN "≡dfI"] by blast
5417  }
5418  moreover {
5419    AOT_assume Necessary0(((p)-))
5420    AOT_hence 1: ((p)-)
5421      by (rule "contingent-properties:1[zero]"[THEN "≡dfE"])
5422    AOT_have ¬p
5423      by (AOT_subst (reverse) ¬p ((p)-))
5424         (auto simp: 1 "thm-relation-negation:3")
5425    AOT_hence Impossible0(p)
5426      by (rule "contingent-properties:2[zero]"[THEN "≡dfI"])
5427  }
5428  ultimately AOT_have Necessary0(p)  Impossible0(p)
5429    using "∨E"(1) "∨I" "→I" by metis
5430  AOT_thus NonContingent0(p)
5431    using "contingent-properties:3[zero]"[THEN "≡dfI"] by blast
5432qed
5433
5434AOT_theorem "thm-cont-propos:2": Contingent0(φ)  φ & ¬φ
5435proof -
5436  AOT_have Contingent0(φ)  ¬(Necessary0(φ)  Impossible0(φ))
5437    using "contingent-properties:4[zero]"[THEN "≡Df"] by simp
5438  also AOT_have   ¬Necessary0(φ) & ¬Impossible0(φ)
5439    by (fact AOT)
5440  also AOT_have   ¬Impossible0(φ) & ¬Necessary0(φ)
5441    by (fact AOT)
5442  also AOT_have   φ & ¬φ
5443    apply (AOT_subst φ ¬¬φ)
5444     apply (simp add: "conventions:5" "≡Df")
5445    apply (AOT_subst Impossible0(φ) ¬φ)
5446     apply (simp add: "contingent-properties:2[zero]" "≡Df")
5447    apply (AOT_subst (reverse) ¬φ ¬φ)
5448     apply (simp add: "KBasic:11")
5449    apply (AOT_subst Necessary0(φ) φ)
5450     apply (simp add: "contingent-properties:1[zero]" "≡Df")
5451    by (simp add: "oth-class-taut:3:a")
5452  finally show ?thesis.
5453qed
5454
5455AOT_theorem "thm-cont-propos:3": Contingent0(p)  Contingent0(((p)-))
5456proof -
5457  AOT_have Contingent0(p)  p & ¬p using "thm-cont-propos:2".
5458  also AOT_have   ¬p & p by (fact AOT)
5459  also AOT_have   ((p)-) & p
5460    by (AOT_subst ((p)-) ¬p)
5461       (auto simp: "thm-relation-negation:3" "oth-class-taut:3:a")
5462  also AOT_have   ((p)-) & ¬((p)-)
5463    by (AOT_subst ¬((p)-) p)
5464       (auto simp: "thm-relation-negation:4" "oth-class-taut:3:a")
5465  also AOT_have   Contingent0(((p)-))
5466    using "thm-cont-propos:2"[symmetric] by blast
5467  finally show ?thesis.
5468qed
5469
5470AOT_define noncontingent_prop :: ‹φ› ("p0")
5471  p0_def: "(p0) =df (x (E!x  E!x))"
5472
5473AOT_theorem "thm-noncont-propos:1":  Necessary0((p0))
5474proof(rule "contingent-properties:1[zero]"[THEN "≡dfI"])
5475  AOT_show (p0)
5476    apply (rule "=dfI"(2)[OF p0_def])
5477    using "log-prop-prop:2" apply simp
5478    using "if-p-then-p" RN GEN by fast
5479qed
5480
5481AOT_theorem "thm-noncont-propos:2": Impossible0(((p0)-))
5482proof(rule "contingent-properties:2[zero]"[THEN "≡dfI"])
5483  AOT_show ¬((p0)-)
5484    apply (AOT_subst ((p0)-) ¬p0)
5485    using "thm-relation-negation:3" GEN "∀E"(1)[rotated, OF "log-prop-prop:2"]
5486     apply fast
5487    apply (AOT_subst (reverse) ¬¬p0 p0)
5488     apply (simp add: "oth-class-taut:3:b")
5489    apply (rule "=dfI"(2)[OF p0_def])
5490    using "log-prop-prop:2" apply simp
5491    using "if-p-then-p" RN GEN by fast
5492qed
5493
5494AOT_theorem "thm-noncont-propos:3": NonContingent0((p0))
5495  apply(rule "contingent-properties:3[zero]"[THEN "≡dfI"])
5496  using "thm-noncont-propos:1" "∨I" by blast
5497
5498AOT_theorem "thm-noncont-propos:4": NonContingent0(((p0)-))
5499  apply(rule "contingent-properties:3[zero]"[THEN "≡dfI"])
5500  using "thm-noncont-propos:2" "∨I" by blast
5501
5502AOT_theorem "thm-noncont-propos:5":
5503  pq (NonContingent0((p)) & NonContingent0((q)) & p  q)
5504proof(rule "∃I")+
5505  AOT_have 0: φ  (φ)- for φ
5506    using "thm-relation-negation:6" "∀I"
5507          "∀E"(1)[rotated, OF "log-prop-prop:2"] by fast
5508  AOT_thus NonContingent0((p0)) & NonContingent0(((p0)-)) & (p0)  (p0)-
5509    using "thm-noncont-propos:3" "thm-noncont-propos:4" "&I" by auto
5510qed(auto simp: "log-prop-prop:2")
5511
5512AOT_act_theorem "no-cnac": ¬x(E!x & ¬𝒜E!x)
5513proof(rule "raa-cor:2")
5514  AOT_assume x(E!x & ¬𝒜E!x)
5515  then AOT_obtain a where a: E!a & ¬𝒜E!a
5516    using "∃E"[rotated] by blast
5517  AOT_hence 𝒜¬E!a
5518    using "&E" "logic-actual-nec:1"[axiom_inst, THEN "≡E"(2)] by blast
5519  AOT_hence ¬E!a
5520    using "logic-actual"[act_axiom_inst, THEN "→E"] by blast
5521  AOT_hence E!a & ¬E!a
5522    using a "&E" "&I" by blast
5523  AOT_thus p & ¬p for p using "raa-cor:1" by blast
5524qed
5525
5526AOT_theorem "pos-not-pna:1": ¬𝒜x (E!x & ¬𝒜E!x)
5527proof(rule "raa-cor:2")
5528  AOT_assume 𝒜x (E!x & ¬𝒜E!x)
5529  AOT_hence x 𝒜(E!x & ¬𝒜E!x)
5530    using "Act-Basic:10"[THEN "≡E"(1)] by blast
5531  then AOT_obtain a where 𝒜(E!a & ¬𝒜E!a)
5532    using "∃E"[rotated] by blast
5533  AOT_hence 1: 𝒜E!a & 𝒜¬𝒜E!a
5534    using "Act-Basic:2"[THEN "≡E"(1)] by blast
5535  AOT_hence ¬𝒜𝒜E!a
5536    using "&E"(2) "logic-actual-nec:1"[axiom_inst, THEN "≡E"(1)] by blast
5537  AOT_hence ¬𝒜E!a
5538    using "logic-actual-nec:4"[axiom_inst, THEN "≡E"(1)] RAA by blast
5539  AOT_thus p & ¬p for p using 1[THEN "&E"(1)] "&I" "raa-cor:1" by blast
5540qed
5541
5542AOT_theorem "pos-not-pna:2": ¬x(E!x & ¬𝒜E!x)
5543proof (rule RAA(1))
5544  AOT_show ¬𝒜x (E!x & ¬𝒜E!x)
5545    using "pos-not-pna:1" by blast
5546next
5547  AOT_assume ¬¬x (E!x & ¬𝒜E!x)
5548  AOT_hence x (E!x & ¬𝒜E!x)
5549    using "KBasic:12"[THEN "≡E"(2)] by blast
5550  AOT_thus 𝒜x (E!x & ¬𝒜E!x)
5551    using "nec-imp-act"[THEN "→E"] by blast
5552qed
5553
5554AOT_theorem "pos-not-pna:3": x (E!x & ¬𝒜E!x)
5555proof -
5556  AOT_obtain a where (E!a & ¬𝒜E!a)
5557    using "qml:4"[axiom_inst] "BF◇"[THEN "→E"] "∃E"[rotated] by blast
5558  AOT_hence θ: E!a and ξ: ¬𝒜E!a
5559    using "KBasic2:3"[THEN "→E"] "&E" by blast+
5560  AOT_have ¬𝒜E!a
5561    using ξ "KBasic:11"[THEN "≡E"(2)] by blast
5562  AOT_hence ¬𝒜E!a
5563    using "Act-Basic:6"[THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
5564                        THEN "≡E"(2)] by blast
5565  AOT_hence E!a & ¬𝒜E!a using θ "&I" by blast
5566  thus ?thesis using "∃I" by fast
5567qed
5568
5569AOT_define contingent_prop :: φ ("q0")
5570  q0_def: (q0) =df (x (E!x & ¬𝒜E!x))
5571
5572AOT_theorem q0_prop: q0 & ¬q0
5573  apply (rule "=dfI"(2)[OF q0_def])
5574  apply (fact "log-prop-prop:2")
5575  apply (rule "&I")
5576   apply (fact "qml:4"[axiom_inst])
5577  by (fact "pos-not-pna:2")
5578
5579AOT_theorem "basic-prop:1": Contingent0((q0))
5580proof(rule "contingent-properties:4[zero]"[THEN "≡dfI"])
5581  AOT_have ¬Necessary0((q0)) & ¬Impossible0((q0))
5582  proof (rule "&I";
5583         rule "=dfI"(2)[OF q0_def];
5584         (rule "log-prop-prop:2" | rule "raa-cor:2"))
5585    AOT_assume Necessary0(x (E!x & ¬𝒜E!x))
5586    AOT_hence x (E!x & ¬𝒜E!x)
5587      using "contingent-properties:1[zero]"[THEN "≡dfE"] by blast
5588    AOT_hence 𝒜x (E!x & ¬𝒜E!x)
5589      using "Act-Basic:8"[THEN "→E"] "qml:2"[axiom_inst, THEN "→E"] by blast
5590    AOT_thus 𝒜x (E!x & ¬𝒜E!x) & ¬𝒜x (E!x & ¬𝒜E!x)
5591      using "pos-not-pna:1" "&I" by blast
5592  next
5593    AOT_assume Impossible0(x (E!x & ¬𝒜E!x))
5594    AOT_hence ¬(x (E!x & ¬𝒜E!x))
5595      using "contingent-properties:2[zero]"[THEN "≡dfE"] by blast
5596    AOT_hence ¬(x (E!x & ¬𝒜E!x))
5597      using "KBasic2:1"[THEN "≡E"(1)] by blast
5598    AOT_thus (x (E!x & ¬𝒜E!x)) & ¬(x (E!x & ¬𝒜E!x))
5599      using "qml:4"[axiom_inst] "&I" by blast
5600  qed
5601  AOT_thus ¬(Necessary0((q0))  Impossible0((q0)))
5602    using "oth-class-taut:5:d" "≡E"(2) by blast
5603qed
5604
5605AOT_theorem "basic-prop:2": p Contingent0((p))
5606  using "∃I"(1)[rotated, OF "log-prop-prop:2"] "basic-prop:1" by blast
5607
5608AOT_theorem "basic-prop:3": Contingent0(((q0)-))
5609  apply (AOT_subst ((q0)-) ¬q0)
5610   apply (insert "thm-relation-negation:3" "∀I"
5611                "∀E"(1)[rotated, OF "log-prop-prop:2"]; fast)
5612  apply (rule "contingent-properties:4[zero]"[THEN "≡dfI"])
5613  apply (rule "oth-class-taut:5:d"[THEN "≡E"(2)])
5614  apply (rule "&I")
5615   apply (rule "contingent-properties:1[zero]"[THEN "df-rules-formulas[3]",
5616                  THEN "useful-tautologies:5"[THEN "→E"], THEN "→E"])
5617   apply (rule "conventions:5"[THEN "≡dfE"])
5618   apply (rule "=dfE"(2)[OF q0_def])
5619    apply (rule "log-prop-prop:2")
5620   apply (rule q0_prop[THEN "&E"(1)])
5621  apply (rule "contingent-properties:2[zero]"[THEN "df-rules-formulas[3]",
5622                THEN "useful-tautologies:5"[THEN "→E"], THEN "→E"])
5623  apply (rule "conventions:5"[THEN "≡dfE"])
5624  by (rule q0_prop[THEN "&E"(2)])
5625
5626AOT_theorem "basic-prop:4":
5627  pq (p  q & Contingent0(p) & Contingent0(q))
5628proof(rule "∃I")+
5629  AOT_have 0: φ  (φ)- for φ
5630    using "thm-relation-negation:6" "∀I"
5631          "∀E"(1)[rotated, OF "log-prop-prop:2"] by fast
5632  AOT_show (q0)  (q0)- & Contingent0(q0) & Contingent0(((q0)-))
5633    using "basic-prop:1" "basic-prop:3" "&I" 0 by presburger
5634qed(auto simp: "log-prop-prop:2")
5635
5636AOT_theorem "proposition-facts:1":
5637  NonContingent0(p)  ¬q (Contingent0(q) & q = p)
5638proof(rule "→I"; rule "raa-cor:2")
5639  AOT_assume NonContingent0(p)
5640  AOT_hence 1: Necessary0(p)  Impossible0(p)
5641    using "contingent-properties:3[zero]"[THEN "≡dfE"] by blast
5642  AOT_assume q (Contingent0(q) & q = p)
5643  then AOT_obtain q where Contingent0(q) & q = p
5644    using "∃E"[rotated] by blast
5645  AOT_hence Contingent0(p)
5646    using "rule=E" "&E" by fast
5647  AOT_thus (Necessary0(p)  Impossible0(p)) &
5648            ¬(Necessary0(p)  Impossible0(p))
5649    using "contingent-properties:4[zero]"[THEN "≡dfE"] 1 "&I" by blast
5650qed
5651
5652AOT_theorem "proposition-facts:2":
5653  Contingent0(p)  ¬q (NonContingent0(q) & q = p)
5654proof(rule "→I"; rule "raa-cor:2")
5655  AOT_assume Contingent0(p)
5656  AOT_hence 1: ¬(Necessary0(p)  Impossible0(p))
5657    using "contingent-properties:4[zero]"[THEN "≡dfE"] by blast
5658  AOT_assume q (NonContingent0(q) & q = p)
5659  then AOT_obtain q where NonContingent0(q) & q = p
5660    using "∃E"[rotated] by blast
5661  AOT_hence NonContingent0(p)
5662    using "rule=E" "&E" by fast
5663  AOT_thus (Necessary0(p)  Impossible0(p)) &
5664            ¬(Necessary0(p)  Impossible0(p))
5665    using "contingent-properties:3[zero]"[THEN "≡dfE"] 1 "&I" by blast
5666qed
5667
5668AOT_theorem "proposition-facts:3":
5669  (p0)  (p0)- & (p0)  (q0) & (p0)  (q0)- & (p0)-  (q0)- & (q0)  (q0)-
5670proof -
5671  {
5672    fix χ φ ψ
5673    AOT_assume χ{φ}
5674    moreover AOT_assume ¬χ{ψ}
5675    ultimately AOT_have ¬(χ{φ}  χ{ψ})
5676      using RAA "≡E" by metis
5677    moreover {
5678      AOT_have pq ((¬(χ{p}  χ{q}))  p  q)
5679        by (rule "∀I"; rule "∀I"; rule "pos-not-equiv-ne:4[zero]")
5680      AOT_hence ((¬(χ{φ}  χ{ψ}))  φ  ψ)
5681        using "∀E" "log-prop-prop:2" by blast
5682    }
5683    ultimately AOT_have φ  ψ
5684      using "→E" by blast
5685  } note 0 = this
5686  AOT_have contingent_neg: Contingent0(φ)  Contingent0(((φ)-)) for φ
5687    using "thm-cont-propos:3" "∀I"
5688          "∀E"(1)[rotated, OF "log-prop-prop:2"] by fast
5689  AOT_have not_noncontingent_if_contingent:
5690    ¬NonContingent0(φ) if Contingent0(φ) for φ
5691    apply (rule "contingent-properties:3[zero]"[THEN "≡Df",
5692                  THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(2)])
5693    using that "contingent-properties:4[zero]"[THEN "≡dfE"] by blast
5694  show ?thesis
5695    apply (rule "&I")+
5696    using "thm-relation-negation:6" "∀I"
5697          "∀E"(1)[rotated, OF "log-prop-prop:2"]
5698        apply fast
5699       apply (rule 0)
5700    using "thm-noncont-propos:3" apply fast
5701       apply (rule not_noncontingent_if_contingent)
5702       apply (fact AOT)
5703      apply (rule 0)
5704    apply (rule "thm-noncont-propos:3")
5705      apply (rule not_noncontingent_if_contingent)
5706      apply (rule contingent_neg[THEN "≡E"(1)])
5707      apply (fact AOT)
5708     apply (rule 0)
5709    apply (rule "thm-noncont-propos:4")
5710      apply (rule not_noncontingent_if_contingent)
5711      apply (rule contingent_neg[THEN "≡E"(1)])
5712     apply (fact AOT)
5713    using "thm-relation-negation:6" "∀I"
5714          "∀E"(1)[rotated, OF "log-prop-prop:2"] by fast
5715qed
5716
5717AOT_define ContingentlyTrue :: ‹φ  φ› ("ContingentlyTrue'(_')")
5718  "cont-tf:1": ContingentlyTrue(p) df p & ¬p
5719
5720AOT_define ContingentlyFalse :: ‹φ  φ› ("ContingentlyFalse'(_')")
5721  "cont-tf:2": ContingentlyFalse(p) df ¬p & p
5722
5723AOT_theorem "cont-true-cont:1":
5724  ContingentlyTrue((p))  Contingent0((p))
5725proof(rule "→I")
5726  AOT_assume ContingentlyTrue((p))
5727  AOT_hence 1: p and 2: ¬p using "cont-tf:1"[THEN "≡dfE"] "&E" by blast+
5728  AOT_have ¬Necessary0((p))
5729    apply (rule "contingent-properties:1[zero]"[THEN "≡Df",
5730                  THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(2)])
5731    using 2 "KBasic:11"[THEN "≡E"(2)] by blast
5732  moreover AOT_have ¬Impossible0((p))
5733    apply (rule "contingent-properties:2[zero]"[THEN "≡Df",
5734                  THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(2)])
5735    apply (rule "conventions:5"[THEN "≡dfE"])
5736    using "T◇"[THEN "→E", OF 1].
5737  ultimately AOT_have ¬(Necessary0((p))  Impossible0((p)))
5738    using DeMorgan(2)[THEN "≡E"(2)] "&I" by blast
5739  AOT_thus Contingent0((p))
5740    using "contingent-properties:4[zero]"[THEN "≡dfI"] by blast
5741qed
5742
5743AOT_theorem "cont-true-cont:2":
5744  ContingentlyFalse((p))  Contingent0((p))
5745proof(rule "→I")
5746  AOT_assume ContingentlyFalse((p))
5747  AOT_hence 1: ¬p and 2: p using "cont-tf:2"[THEN "≡dfE"] "&E" by blast+
5748  AOT_have ¬Necessary0((p))
5749    apply (rule "contingent-properties:1[zero]"[THEN "≡Df",
5750                  THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(2)])
5751    using "KBasic:11"[THEN "≡E"(2)] "T◇"[THEN "→E", OF 1] by blast
5752  moreover AOT_have ¬Impossible0((p))
5753    apply (rule "contingent-properties:2[zero]"[THEN "≡Df",
5754                  THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(2)])
5755    apply (rule "conventions:5"[THEN "≡dfE"])
5756    using 2.
5757  ultimately AOT_have ¬(Necessary0((p))  Impossible0((p)))
5758    using DeMorgan(2)[THEN "≡E"(2)] "&I" by blast
5759  AOT_thus Contingent0((p))
5760    using "contingent-properties:4[zero]"[THEN "≡dfI"] by blast
5761qed
5762
5763AOT_theorem "cont-true-cont:3":
5764  ContingentlyTrue((p))  ContingentlyFalse(((p)-))
5765proof(rule "≡I"; rule "→I")
5766  AOT_assume ContingentlyTrue((p))
5767  AOT_hence 0: p & ¬p using "cont-tf:1"[THEN "≡dfE"] by blast
5768  AOT_have 1: ContingentlyFalse(¬p)
5769    apply (rule "cont-tf:2"[THEN "≡dfI"])
5770    apply (AOT_subst (reverse) ¬¬p p)
5771    by (auto simp: "oth-class-taut:3:b" 0)
5772  AOT_show ContingentlyFalse(((p)-))
5773    apply (AOT_subst ((p)-) ¬p)
5774    by (auto simp: "thm-relation-negation:3" 1)
5775next
5776  AOT_assume 1: ContingentlyFalse(((p)-))
5777  AOT_have ContingentlyFalse(¬p)
5778    by (AOT_subst (reverse) ¬p ((p)-))
5779       (auto simp: "thm-relation-negation:3" 1)
5780  AOT_hence ¬¬p & ¬p using "cont-tf:2"[THEN "≡dfE"] by blast
5781  AOT_hence p & ¬p
5782    using "&I" "&E" "useful-tautologies:1"[THEN "→E"] by metis
5783  AOT_thus ContingentlyTrue((p))
5784    using "cont-tf:1"[THEN "≡dfI"] by blast
5785qed
5786
5787AOT_theorem "cont-true-cont:4":
5788  ContingentlyFalse((p))  ContingentlyTrue(((p)-))
5789proof(rule "≡I"; rule "→I")
5790  AOT_assume ContingentlyFalse(p)
5791  AOT_hence 0: ¬p & p
5792    using "cont-tf:2"[THEN "≡dfE"] by blast
5793  AOT_have ¬p & ¬¬p
5794    by (AOT_subst (reverse) ¬¬p p)
5795       (auto simp: "oth-class-taut:3:b" 0)
5796  AOT_hence 1: ContingentlyTrue(¬p)
5797    by (rule "cont-tf:1"[THEN "≡dfI"])
5798  AOT_show ContingentlyTrue(((p)-))
5799    by (AOT_subst ((p)-) ¬p)
5800       (auto simp: "thm-relation-negation:3" 1)
5801next
5802  AOT_assume 1: ContingentlyTrue(((p)-))
5803  AOT_have ContingentlyTrue(¬p)
5804    by (AOT_subst (reverse) ¬p ((p)-))
5805       (auto simp add: "thm-relation-negation:3" 1)
5806  AOT_hence 2: ¬p & ¬¬p using "cont-tf:1"[THEN "≡dfE"] by blast
5807  AOT_have p
5808    by (AOT_subst p ¬¬p)
5809       (auto simp add: "oth-class-taut:3:b" 2[THEN "&E"(2)])
5810  AOT_hence ¬p & p using 2[THEN "&E"(1)] "&I" by blast
5811  AOT_thus ContingentlyFalse(p)
5812    by (rule "cont-tf:2"[THEN "≡dfI"])
5813qed
5814
5815AOT_theorem "cont-true-cont:5":
5816  (ContingentlyTrue((p)) & Necessary0((q)))  p  q
5817proof (rule "→I"; frule "&E"(1); drule "&E"(2); rule "raa-cor:1")
5818  AOT_assume ContingentlyTrue((p))
5819  AOT_hence ¬p
5820    using "cont-tf:1"[THEN "≡dfE"] "&E" by blast
5821  AOT_hence 0: ¬p using "KBasic:11"[THEN "≡E"(2)] by blast
5822  AOT_assume Necessary0((q))
5823  moreover AOT_assume ¬(p  q)
5824  AOT_hence p = q
5825    using "=-infix"[THEN "≡Df",
5826                    THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
5827                    THEN "≡E"(1)]
5828          "useful-tautologies:1"[THEN "→E"] by blast
5829  ultimately AOT_have Necessary0((p)) using "rule=E" id_sym by blast
5830  AOT_hence p
5831    using "contingent-properties:1[zero]"[THEN "≡dfE"] by blast
5832  AOT_thus p & ¬p using 0 "&I" by blast
5833qed
5834
5835AOT_theorem "cont-true-cont:6":
5836  (ContingentlyFalse((p)) & Impossible0((q)))  p  q
5837proof (rule "→I"; frule "&E"(1); drule "&E"(2); rule "raa-cor:1")
5838  AOT_assume ContingentlyFalse((p))
5839  AOT_hence p
5840    using "cont-tf:2"[THEN "≡dfE"] "&E" by blast
5841  AOT_hence 1: ¬¬p
5842    using "conventions:5"[THEN "≡dfE"] by blast
5843  AOT_assume Impossible0((q))
5844  moreover AOT_assume ¬(p  q)
5845  AOT_hence p = q
5846    using "=-infix"[THEN "≡Df",
5847                    THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
5848                    THEN "≡E"(1)]
5849          "useful-tautologies:1"[THEN "→E"] by blast
5850  ultimately AOT_have Impossible0((p)) using "rule=E" id_sym by blast
5851  AOT_hence ¬p
5852    using "contingent-properties:2[zero]"[THEN "≡dfE"] by blast
5853  AOT_thus ¬p & ¬¬p using 1 "&I" by blast
5854qed
5855
5856AOT_act_theorem "q0cf:1": ContingentlyFalse(q0)
5857  apply (rule "cont-tf:2"[THEN "≡dfI"])
5858  apply (rule "=dfI"(2)[OF q0_def])
5859   apply (fact "log-prop-prop:2")
5860  apply (rule "&I")
5861   apply (fact "no-cnac")
5862  by (fact "qml:4"[axiom_inst])
5863
5864AOT_act_theorem "q0cf:2": ContingentlyTrue(((q0)-))
5865  apply (rule "cont-tf:1"[THEN "≡dfI"])
5866  apply (rule "=dfI"(2)[OF q0_def])
5867   apply (fact "log-prop-prop:2")
5868  apply (rule "&I")
5869   apply (rule "thm-relation-negation:3"
5870                [unvarify p, OF "log-prop-prop:2", THEN "≡E"(2)])
5871     apply (fact "no-cnac")
5872  apply (rule "rule=E"[rotated,
5873                OF "thm-relation-negation:7"
5874                   [unvarify p, OF "log-prop-prop:2", THEN id_sym]])
5875  apply (AOT_subst (reverse) ¬¬(x  (E!x & ¬𝒜E!x)) x (E!x & ¬𝒜E!x))
5876  by (auto simp: "oth-class-taut:3:b" "qml:4"[axiom_inst])
5877
5878AOT_theorem "cont-tf-thm:1": p ContingentlyTrue((p))
5879proof(rule "∨E"(1)[OF "exc-mid"]; rule "→I"; rule "∃I")
5880  AOT_assume q0
5881  AOT_hence q0 & ¬q0 using q0_prop[THEN "&E"(2)] "&I" by blast
5882  AOT_thus ContingentlyTrue(q0)
5883    by (rule "cont-tf:1"[THEN "≡dfI"])
5884next
5885  AOT_assume ¬q0
5886  AOT_hence ¬q0 & q0 using q0_prop[THEN "&E"(1)] "&I" by blast
5887  AOT_hence ContingentlyFalse(q0)
5888    by (rule "cont-tf:2"[THEN "≡dfI"])
5889  AOT_thus ContingentlyTrue(((q0)-))
5890    by (rule "cont-true-cont:4"[unvarify p,
5891                OF "log-prop-prop:2", THEN "≡E"(1)])
5892qed(auto simp: "log-prop-prop:2")
5893
5894
5895AOT_theorem "cont-tf-thm:2": p ContingentlyFalse((p))
5896proof(rule "∨E"(1)[OF "exc-mid"]; rule "→I"; rule "∃I")
5897  AOT_assume q0
5898  AOT_hence q0 & ¬q0 using q0_prop[THEN "&E"(2)] "&I" by blast
5899  AOT_hence ContingentlyTrue(q0)
5900    by (rule "cont-tf:1"[THEN "≡dfI"])
5901  AOT_thus ContingentlyFalse(((q0)-))
5902    by (rule "cont-true-cont:3"[unvarify p,
5903                OF "log-prop-prop:2", THEN "≡E"(1)])
5904next
5905  AOT_assume ¬q0
5906  AOT_hence ¬q0 & q0 using q0_prop[THEN "&E"(1)] "&I" by blast
5907  AOT_thus ContingentlyFalse(q0)
5908    by (rule "cont-tf:2"[THEN "≡dfI"])
5909qed(auto simp: "log-prop-prop:2")
5910
5911AOT_theorem "property-facts1:1": Fx ([F]x & ¬[F]x)
5912proof -
5913  fix x
5914  AOT_obtain p1 where ContingentlyTrue((p1))
5915    using "cont-tf-thm:1" "∃E"[rotated] by blast
5916  AOT_hence 1: p1 & ¬p1 using "cont-tf:1"[THEN "≡dfE"] by blast
5917  AOT_modally_strict {
5918    AOT_have for arbitrary p:  (z p]x  p)
5919      by (rule "beta-C-cor:3"[THEN "∀E"(2)]) cqt_2_lambda_inst_prover
5920    AOT_hence for arbitrary p:   (z p]x  p)
5921      by (rule RN)
5922    AOT_hence p (z p]x  p) using GEN by fast
5923    AOT_hence (z p1]x  p1) using "∀E" by fast
5924  } note 2 = this
5925  AOT_hence (z p1]x  p1) using "∀E" by blast
5926  AOT_hence z p1]x
5927    using 1[THEN "&E"(1)] "qml:2"[axiom_inst, THEN "→E"] "≡E"(2) by blast
5928  moreover AOT_have ¬z p1]x
5929    using 2[THEN "qml:2"[axiom_inst, THEN "→E"]]
5930    apply (AOT_subst z p1]x p1)
5931    using 1[THEN "&E"(2)] by blast
5932  ultimately AOT_have z p1]x & ¬z p1]x using "&I" by blast
5933  AOT_hence x (z p1]x & ¬z p1]x) using "∃I"(2) by fast
5934  moreover AOT_have z p1] by "cqt:2[lambda]"
5935  ultimately AOT_show Fx ([F]x & ¬[F]x) by (rule "∃I"(1))
5936qed
5937
5938AOT_theorem "property-facts1:2": Fx (¬[F]x & [F]x)
5939proof -
5940  fix x
5941  AOT_obtain p1 where ContingentlyFalse((p1))
5942    using "cont-tf-thm:2" "∃E"[rotated] by blast
5943  AOT_hence 1: ¬p1 & p1 using "cont-tf:2"[THEN "≡dfE"] by blast
5944  AOT_modally_strict {
5945    AOT_have for arbitrary p:  (z p]x  p)
5946      by (rule "beta-C-cor:3"[THEN "∀E"(2)]) cqt_2_lambda_inst_prover
5947    AOT_hence for arbitrary p:  (¬z p]x  ¬p)
5948      using "oth-class-taut:4:b" "≡E" by blast
5949    AOT_hence for arbitrary p:  (¬z p]x  ¬p)
5950      by (rule RN)
5951    AOT_hence p (¬z p]x  ¬p) using GEN by fast
5952    AOT_hence (¬z p1]x  ¬p1) using "∀E" by fast
5953  } note 2 = this
5954  AOT_hence (¬z p1]x  ¬p1) using "∀E" by blast
5955  AOT_hence 3: ¬z p1]x
5956    using 1[THEN "&E"(1)] "qml:2"[axiom_inst, THEN "→E"] "≡E"(2) by blast
5957  AOT_modally_strict {
5958    AOT_have for arbitrary p:  (z p]x  p)
5959      by (rule "beta-C-cor:3"[THEN "∀E"(2)]) cqt_2_lambda_inst_prover
5960    AOT_hence for arbitrary p:  (z p]x  p)
5961      by (rule RN)
5962    AOT_hence p (z p]x  p) using GEN by fast
5963    AOT_hence (z p1]x  p1) using "∀E" by fast
5964  } note 4 = this
5965  AOT_have z p1]x
5966    using 4[THEN "qml:2"[axiom_inst, THEN "→E"]]
5967    apply (AOT_subst z p1]x p1)
5968    using 1[THEN "&E"(2)] by blast
5969  AOT_hence ¬z p1]x & z p1]x using 3 "&I" by blast
5970  AOT_hence x (¬z p1]x & z p1]x) using "∃I"(2) by fast
5971  moreover AOT_have z p1] by "cqt:2[lambda]"
5972  ultimately AOT_show Fx (¬[F]x & [F]x) by (rule "∃I"(1))
5973qed
5974
5975context
5976begin
5977
5978private AOT_lemma eqnotnec_123_Aux_ζ: [L]x  (E!x  E!x)
5979    apply (rule "=dfI"(2)[OF L_def])
5980     apply "cqt:2[lambda]"
5981    apply (rule "beta-C-meta"[THEN "→E"])
5982  by "cqt:2[lambda]"
5983
5984private AOT_lemma eqnotnec_123_Aux_ω: z φ]x  φ
5985    by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
5986
5987private AOT_lemma eqnotnec_123_Aux_θ: φ  x([L]x  z φ]x)
5988proof(rule "≡I"; rule "→I"; (rule "∀I")?)
5989  fix x
5990  AOT_assume 1: φ
5991  AOT_have [L]x  (E!x  E!x) using eqnotnec_123_Aux_ζ.
5992  also AOT_have   φ
5993    using "if-p-then-p" 1 "≡I" "→I" by simp
5994  also AOT_have   z φ]x
5995    using "Commutativity of ≡"[THEN "≡E"(1)] eqnotnec_123_Aux_ω by blast
5996  finally AOT_show [L]x  z φ]x.
5997next
5998  fix x
5999  AOT_assume x([L]x  z φ]x)
6000  AOT_hence [L]x  z φ]x using "∀E" by blast
6001  also AOT_have   φ using eqnotnec_123_Aux_ω.
6002  finally AOT_have φ  [L]x
6003    using "Commutativity of ≡"[THEN "≡E"(1)] by blast
6004  also AOT_have   E!x  E!x using eqnotnec_123_Aux_ζ.
6005  finally AOT_show φ using "≡E" "if-p-then-p" by fast
6006qed
6007private lemmas eqnotnec_123_Aux_ξ =
6008  eqnotnec_123_Aux_θ[THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
6009    THEN "conventions:3"[THEN "≡Df", THEN "≡E"(1), THEN "&E"(1)],
6010    THEN "RM◇"]
6011private lemmas eqnotnec_123_Aux_ξ' =
6012  eqnotnec_123_Aux_θ[
6013    THEN "conventions:3"[THEN "≡Df", THEN "≡E"(1), THEN "&E"(1)],
6014    THEN "RM◇"]
6015
6016AOT_theorem "eqnotnec:1": FG(x([F]x  [G]x) & ¬x([F]x  [G]x))
6017proof-
6018  AOT_obtain p1 where ContingentlyTrue(p1)
6019    using "cont-tf-thm:1" "∃E"[rotated] by blast
6020  AOT_hence p1 & ¬p1 using "cont-tf:1"[THEN "≡dfE"] by blast
6021  AOT_hence x ([L]x  z p1]x) & ¬x([L]x  z p1]x)
6022    apply - apply (rule "&I")
6023    using "&E" eqnotnec_123_Aux_θ[THEN "≡E"(1)]
6024          eqnotnec_123_Aux_ξ "→E" by fast+
6025  AOT_hence G (x([L]x  [G]x) & ¬x([L]x  [G]x))
6026    by (rule "∃I") "cqt:2[lambda]"
6027  AOT_thus FG (x([F]x  [G]x) & ¬x([F]x  [G]x))
6028    apply (rule "∃I")
6029    by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
6030qed
6031
6032AOT_theorem "eqnotnec:2": FG(¬x([F]x  [G]x) & x([F]x  [G]x))
6033proof-
6034  AOT_obtain p1 where ContingentlyFalse(p1)
6035    using "cont-tf-thm:2" "∃E"[rotated] by blast
6036  AOT_hence ¬p1 & p1 using "cont-tf:2"[THEN "≡dfE"] by blast
6037  AOT_hence ¬x ([L]x  z p1]x) & x([L]x  z p1]x)
6038    apply - apply (rule "&I")
6039    using eqnotnec_123_Aux_θ[THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
6040                             THEN "≡E"(1)]
6041          "&E" eqnotnec_123_Aux_ξ' "→E" by fast+
6042  AOT_hence G (¬x([L]x  [G]x) & x([L]x  [G]x))
6043    by (rule "∃I") "cqt:2[lambda]"
6044  AOT_thus FG (¬x([F]x  [G]x) & x([F]x  [G]x))
6045    apply (rule "∃I")
6046    by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
6047qed
6048
6049AOT_theorem "eqnotnec:3": FG(𝒜¬x([F]x  [G]x) & x([F]x  [G]x))
6050proof-
6051  AOT_have ¬𝒜q0
6052    apply (rule "=dfI"(2)[OF q0_def])
6053     apply (fact "log-prop-prop:2")
6054    by (fact AOT)
6055  AOT_hence 𝒜¬q0
6056    using "logic-actual-nec:1"[axiom_inst, THEN "≡E"(2)] by blast
6057  AOT_hence 𝒜¬x ([L]x  z q0]x)
6058    using eqnotnec_123_Aux_θ[THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
6059            THEN "conventions:3"[THEN "≡Df", THEN "≡E"(1), THEN "&E"(1)],
6060            THEN "RA[2]", THEN "act-cond"[THEN "→E"], THEN "→E"] by blast
6061  moreover AOT_have x ([L]x  z q0]x)
6062    using eqnotnec_123_Aux_ξ'[THEN "→E"] q0_prop[THEN "&E"(1)] by blast
6063  ultimately AOT_have 𝒜¬x ([L]x  z q0]x) & x ([L]x  z q0]x)
6064    using "&I" by blast
6065  AOT_hence G (𝒜¬x([L]x  [G]x) & x([L]x  [G]x))
6066    by (rule "∃I") "cqt:2[lambda]"
6067  AOT_thus FG (𝒜¬x([F]x  [G]x) & x([F]x  [G]x))
6068    apply (rule "∃I")
6069    by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
6070qed
6071
6072end
6073
6074AOT_theorem "eqnotnec:4": FG(x([F]x  [G]x) & ¬x([F]x  [G]x))
6075proof(rule GEN)
6076  fix F
6077  AOT_have Aux_A:  ψ  x([F]x  z [F]z & ψ]x) for ψ
6078  proof(rule "→I"; rule GEN)
6079    AOT_modally_strict {
6080    fix x
6081    AOT_assume 0: ψ
6082    AOT_have z [F]z & ψ]x  [F]x & ψ
6083      by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6084    also AOT_have ...  [F]x
6085      apply (rule "≡I"; rule "→I")
6086      using "∨E"(3)[rotated, OF "useful-tautologies:2"[THEN "→E"], OF 0] "&E"
6087      apply blast
6088      using 0 "&I" by blast
6089    finally AOT_show [F]x  z [F]z & ψ]x
6090      using "Commutativity of ≡"[THEN "≡E"(1)] by blast
6091    }
6092  qed
6093
6094  AOT_have Aux_B:  ψ  x([F]x  z [F]z & ψ  ¬ψ]x) for ψ
6095  proof (rule "→I"; rule GEN)
6096    AOT_modally_strict {
6097      fix x
6098      AOT_assume 0: ψ
6099      AOT_have z ([F]z & ψ)  ¬ψ]x  (([F]x & ψ)  ¬ψ)
6100        by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6101      also AOT_have ...  [F]x
6102        apply (rule "≡I"; rule "→I")
6103        using "∨E"(3)[rotated, OF "useful-tautologies:2"[THEN "→E"], OF 0]
6104              "&E"
6105         apply blast
6106        apply (rule "∨I"(1)) using 0 "&I" by blast
6107      finally AOT_show [F]x  z ([F]z & ψ)  ¬ψ]x
6108        using "Commutativity of ≡"[THEN "≡E"(1)] by blast
6109    }
6110  qed
6111
6112  AOT_have Aux_C:
6113     ¬ψ  ¬z(z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z) for ψ
6114  proof(rule "RM◇"; rule "→I"; rule "raa-cor:2")
6115  AOT_modally_strict {
6116      AOT_assume 0: ¬ψ
6117      AOT_assume z (z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z)
6118      AOT_hence z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z
6119        using "∀E" by blast
6120      moreover AOT_have z [F]z & ψ]z  [F]z & ψ for z
6121          by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6122      moreover AOT_have z ([F]z & ψ)  ¬ψ]z  (([F]z & ψ)  ¬ψ) for z
6123        by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6124      ultimately AOT_have [F]z & ψ  (([F]z & ψ)  ¬ψ) for z
6125        using "Commutativity of ≡"[THEN "≡E"(1)] "≡E"(5) by meson
6126      moreover AOT_have (([F]z & ψ)  ¬ψ) for z using 0 "∨I" by blast
6127      ultimately AOT_have ψ using "≡E" "&E" by metis
6128      AOT_thus ψ & ¬ψ using 0 "&I" by blast
6129    }
6130  qed
6131
6132  AOT_have Aux_D: z ([F]z  z [F]z & ψ]z) 
6133      (¬x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x) 
6134       ¬x ([F]x  z [F]z & ψ  ¬ψ]x)) for ψ
6135  proof (rule "→I")
6136    AOT_assume A: z([F]z  z [F]z & ψ]z)
6137    AOT_show ¬x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x) 
6138              ¬x ([F]x  z [F]z & ψ  ¬ψ]x)
6139    proof(rule "≡I"; rule "KBasic:13"[THEN "→E"];
6140          rule "RN[prem]"[where Γ="{«z([F]z  z [F]z & ψ]z)»}", simplified];
6141          (rule "useful-tautologies:5"[THEN "→E"]; rule "→I")?)
6142      AOT_modally_strict {
6143        AOT_assume z ([F]z  z [F]z & ψ]z)
6144        AOT_hence 1: [F]z  z [F]z & ψ]z for z
6145          using "∀E" by blast
6146        AOT_assume x ([F]x  z [F]z & ψ  ¬ψ]x)
6147        AOT_hence 2: [F]z  z [F]z & ψ  ¬ψ]z for z
6148          using "∀E" by blast
6149        AOT_have z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z
6150          using "≡E" 1 2 by meson
6151        AOT_thus x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x)
6152          by (rule GEN)
6153      }
6154    next
6155      AOT_modally_strict {
6156        AOT_assume z ([F]z  z [F]z & ψ]z)
6157        AOT_hence 1: [F]z  z [F]z & ψ]z for z
6158          using "∀E" by blast
6159        AOT_assume x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x)
6160        AOT_hence 2: z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z
6161          using "∀E" by blast
6162        AOT_have [F]z  z [F]z & ψ  ¬ψ]z for z
6163          using 1 2 "≡E" by meson
6164        AOT_thus x ([F]x  z [F]z & ψ  ¬ψ]x)
6165          by (rule GEN)
6166      }
6167    qed(auto simp: A)
6168  qed
6169
6170  AOT_obtain p1 where p1_prop: p1 & ¬p1
6171    using "cont-tf-thm:1" "∃E"[rotated]
6172          "cont-tf:1"[THEN "≡dfE"] by blast
6173  {
6174    AOT_assume 1: x([F]x  z [F]z & p1]x)
6175    AOT_have 2: x([F]x  z [F]z & p1  ¬p1]x)
6176      using Aux_B[THEN "→E", OF p1_prop[THEN "&E"(1)]].
6177    AOT_have ¬x(z [F]z & p1]x  z [F]z & p1  ¬p1]x)
6178      using Aux_C[THEN "→E", OF p1_prop[THEN "&E"(2)]].
6179    AOT_hence 3: ¬x([F]x  z [F]z & p1  ¬p1]x)
6180      using Aux_D[THEN "→E", OF 1, THEN "≡E"(1)] by blast
6181    AOT_hence x([F]x  z [F]z & p1  ¬p1]x) &
6182               ¬x([F]x  z [F]z & p1  ¬p1]x)
6183      using 2 "&I" by blast
6184    AOT_hence G (x ([F]x  [G]x) & ¬x([F]x  [G]x))
6185      by (rule "∃I"(1)) "cqt:2[lambda]"
6186  }
6187  moreover {
6188    AOT_assume 2: ¬x([F]x  z [F]z & p1]x)
6189    AOT_hence ¬x([F]x  z [F]z & p1]x)
6190      using "KBasic:11"[THEN "≡E"(1)] by blast
6191    AOT_hence x ([F]x  z [F]z & p1]x) & ¬x([F]x  z [F]z & p1]x)
6192      using Aux_A[THEN "→E", OF p1_prop[THEN "&E"(1)]] "&I" by blast
6193    AOT_hence G (x ([F]x  [G]x) & ¬x([F]x  [G]x))
6194      by (rule "∃I"(1)) "cqt:2[lambda]"
6195  }
6196  ultimately AOT_show G (x ([F]x  [G]x) & ¬x([F]x  [G]x))
6197    using "∨E"(1)[OF "exc-mid"] "→I" by blast
6198qed
6199
6200AOT_theorem "eqnotnec:5": FG(¬x([F]x  [G]x) & x([F]x  [G]x))
6201proof(rule GEN)
6202  fix F
6203  AOT_have Aux_A:  ψ  x([F]x  z [F]z & ψ]x) for ψ
6204  proof(rule "RM◇"; rule "→I"; rule GEN)
6205    AOT_modally_strict {
6206    fix x
6207    AOT_assume 0: ψ
6208    AOT_have z [F]z & ψ]x  [F]x & ψ
6209      by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6210    also AOT_have ...  [F]x
6211      apply (rule "≡I"; rule "→I")
6212      using "∨E"(3)[rotated, OF "useful-tautologies:2"[THEN "→E"], OF 0] "&E"
6213       apply blast
6214      using 0 "&I" by blast
6215    finally AOT_show [F]x  z [F]z & ψ]x
6216      using "Commutativity of ≡"[THEN "≡E"(1)] by blast
6217    }
6218  qed
6219
6220  AOT_have Aux_B:  ψ  x([F]x  z [F]z & ψ  ¬ψ]x) for ψ
6221  proof (rule "RM◇"; rule "→I"; rule GEN)
6222    AOT_modally_strict {
6223      fix x
6224      AOT_assume 0: ψ
6225      AOT_have z ([F]z & ψ)  ¬ψ]x  (([F]x & ψ)  ¬ψ)
6226        by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6227      also AOT_have ...  [F]x
6228        apply (rule "≡I"; rule "→I")
6229        using "∨E"(3)[rotated, OF "useful-tautologies:2"[THEN "→E"], OF 0] "&E"
6230         apply blast
6231        apply (rule "∨I"(1)) using 0 "&I" by blast
6232      finally AOT_show [F]x  z ([F]z & ψ)  ¬ψ]x
6233        using "Commutativity of ≡"[THEN "≡E"(1)] by blast
6234    }
6235  qed
6236
6237  AOT_have Aux_C:  ¬ψ  ¬z(z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z) for ψ
6238  proof(rule "→I"; rule "raa-cor:2")
6239  AOT_modally_strict {
6240      AOT_assume 0: ¬ψ
6241      AOT_assume z (z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z)
6242      AOT_hence z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z
6243        using "∀E" by blast
6244      moreover AOT_have z [F]z & ψ]z  [F]z & ψ for z
6245          by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6246      moreover AOT_have z ([F]z & ψ)  ¬ψ]z  (([F]z & ψ)  ¬ψ) for z
6247        by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6248      ultimately AOT_have [F]z & ψ  (([F]z & ψ)  ¬ψ) for z
6249        using "Commutativity of ≡"[THEN "≡E"(1)] "≡E"(5) by meson
6250      moreover AOT_have (([F]z & ψ)  ¬ψ) for z
6251        using 0 "∨I" by blast
6252      ultimately AOT_have ψ using "≡E" "&E" by metis
6253      AOT_thus ψ & ¬ψ using 0 "&I" by blast
6254    }
6255  qed
6256
6257  AOT_have Aux_D: z ([F]z  z [F]z & ψ]z) 
6258    (¬x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x) 
6259     ¬x ([F]x  z [F]z & ψ  ¬ψ]x)) for ψ
6260  proof (rule "→I"; rule "≡I";
6261         (rule "useful-tautologies:5"[THEN "→E"]; rule "→I")?)
6262    AOT_modally_strict {
6263      AOT_assume z ([F]z  z [F]z & ψ]z)
6264      AOT_hence 1: [F]z  z [F]z & ψ]z for z
6265        using "∀E" by blast
6266      AOT_assume x ([F]x  z [F]z & ψ  ¬ψ]x)
6267      AOT_hence 2: [F]z  z [F]z & ψ  ¬ψ]z for z
6268        using "∀E" by blast
6269      AOT_have z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z
6270        using "≡E" 1 2 by meson
6271      AOT_thus x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x)
6272        by (rule GEN)
6273    }
6274  next
6275    AOT_modally_strict {
6276      AOT_assume z ([F]z  z [F]z & ψ]z)
6277      AOT_hence 1: [F]z  z [F]z & ψ]z for z
6278        using "∀E" by blast
6279      AOT_assume x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x)
6280      AOT_hence 2: z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z
6281        using "∀E" by blast
6282      AOT_have [F]z  z [F]z & ψ  ¬ψ]z for z
6283        using 1 2 "≡E" by meson
6284      AOT_thus x ([F]x  z [F]z & ψ  ¬ψ]x)
6285        by (rule GEN)
6286    }
6287  qed
6288
6289  AOT_obtain p1 where p1_prop: ¬p1 & p1
6290    using "cont-tf-thm:2" "∃E"[rotated] "cont-tf:2"[THEN "≡dfE"] by blast
6291  {
6292    AOT_assume 1: x([F]x  z [F]z & p1]x)
6293    AOT_have 2: x([F]x  z [F]z & p1  ¬p1]x)
6294      using Aux_B[THEN "→E", OF p1_prop[THEN "&E"(2)]].
6295    AOT_have ¬x(z [F]z & p1]x  z [F]z & p1  ¬p1]x)
6296      using Aux_C[THEN "→E", OF p1_prop[THEN "&E"(1)]].
6297    AOT_hence 3: ¬x([F]x  z [F]z & p1  ¬p1]x)
6298      using Aux_D[THEN "→E", OF 1, THEN "≡E"(1)] by blast
6299    AOT_hence ¬x([F]x  z [F]z & p1  ¬p1]x) &
6300               x([F]x  z [F]z & p1  ¬p1]x)
6301      using 2 "&I" by blast
6302    AOT_hence G (¬x ([F]x  [G]x) & x([F]x  [G]x))
6303      by (rule "∃I"(1)) "cqt:2[lambda]"
6304  }
6305  moreover {
6306    AOT_assume 2: ¬x([F]x  z [F]z & p1]x)
6307    AOT_hence ¬x([F]x  z [F]z & p1]x)
6308      using "KBasic:11"[THEN "≡E"(1)] by blast
6309    AOT_hence ¬x ([F]x  z [F]z & p1]x) &
6310               x([F]x  z [F]z & p1]x)
6311      using Aux_A[THEN "→E", OF p1_prop[THEN "&E"(2)]] "&I" by blast
6312    AOT_hence G (¬x ([F]x  [G]x) & x([F]x  [G]x))
6313      by (rule "∃I"(1)) "cqt:2[lambda]"
6314  }
6315  ultimately AOT_show G (¬x ([F]x  [G]x) & x([F]x  [G]x))
6316    using "∨E"(1)[OF "exc-mid"] "→I" by blast
6317qed
6318
6319AOT_theorem "eqnotnec:6": FG(𝒜¬x([F]x  [G]x) & x([F]x  [G]x))
6320proof(rule GEN)
6321  fix F
6322  AOT_have Aux_A:  ψ  x([F]x  z [F]z & ψ]x) for ψ
6323  proof(rule "RM◇"; rule "→I"; rule GEN)
6324    AOT_modally_strict {
6325    fix x
6326    AOT_assume 0: ψ
6327    AOT_have z [F]z & ψ]x  [F]x & ψ
6328      by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6329    also AOT_have ...  [F]x
6330      apply (rule "≡I"; rule "→I")
6331      using "∨E"(3)[rotated, OF "useful-tautologies:2"[THEN "→E"], OF 0]
6332            "&E"
6333       apply blast
6334      using 0 "&I" by blast
6335    finally AOT_show [F]x  z [F]z & ψ]x
6336      using "Commutativity of ≡"[THEN "≡E"(1)] by blast
6337    }
6338  qed
6339
6340  AOT_have Aux_B:  ψ  x([F]x  z [F]z & ψ  ¬ψ]x) for ψ
6341  proof (rule "RM◇"; rule "→I"; rule GEN)
6342    AOT_modally_strict {
6343      fix x
6344      AOT_assume 0: ψ
6345      AOT_have z ([F]z & ψ)  ¬ψ]x  (([F]x & ψ)  ¬ψ)
6346        by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6347      also AOT_have ...  [F]x
6348        apply (rule "≡I"; rule "→I")
6349        using "∨E"(3)[rotated, OF "useful-tautologies:2"[THEN "→E"], OF 0] "&E"
6350         apply blast
6351        apply (rule "∨I"(1)) using 0 "&I" by blast
6352      finally AOT_show [F]x  z ([F]z & ψ)  ¬ψ]x
6353        using "Commutativity of ≡"[THEN "≡E"(1)] by blast
6354    }
6355  qed
6356
6357  AOT_have Aux_C:
6358     𝒜¬ψ  𝒜¬z(z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z) for ψ
6359  proof(rule "act-cond"[THEN "→E"]; rule "RA[2]"; rule "→I"; rule "raa-cor:2")
6360  AOT_modally_strict {
6361      AOT_assume 0: ¬ψ
6362      AOT_assume z (z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z)
6363      AOT_hence z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z
6364        using "∀E" by blast
6365      moreover AOT_have z [F]z & ψ]z  [F]z & ψ for z
6366          by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6367      moreover AOT_have z ([F]z & ψ)  ¬ψ]z  (([F]z & ψ)  ¬ψ) for z
6368        by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6369      ultimately AOT_have [F]z & ψ  (([F]z & ψ)  ¬ψ) for z
6370        using "Commutativity of ≡"[THEN "≡E"(1)] "≡E"(5) by meson
6371      moreover AOT_have (([F]z & ψ)  ¬ψ) for z
6372        using 0 "∨I" by blast
6373      ultimately AOT_have ψ using "≡E" "&E" by metis
6374      AOT_thus ψ & ¬ψ using 0 "&I" by blast
6375    }
6376  qed
6377
6378  AOT_have (z ([F]z  z [F]z & ψ]z) 
6379    (¬x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x) 
6380     ¬x ([F]x  z [F]z & ψ  ¬ψ]x))) for ψ
6381  proof (rule RN; rule "→I")
6382    AOT_modally_strict {
6383        AOT_assume z ([F]z  z [F]z & ψ]z)
6384        AOT_thus ¬x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x) 
6385                  ¬x ([F]x  z [F]z & ψ  ¬ψ]x)
6386          apply -
6387        proof(rule "≡I"; (rule "useful-tautologies:5"[THEN "→E"]; rule "→I")?)
6388          AOT_assume z ([F]z  z [F]z & ψ]z)
6389          AOT_hence 1: [F]z  z [F]z & ψ]z for z
6390            using "∀E" by blast
6391          AOT_assume x ([F]x  z [F]z & ψ  ¬ψ]x)
6392          AOT_hence 2: [F]z  z [F]z & ψ  ¬ψ]z for z
6393            using "∀E" by blast
6394          AOT_have z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z
6395            using "≡E" 1 2 by meson
6396          AOT_thus x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x)
6397            by (rule GEN)
6398        next
6399            AOT_assume z ([F]z  z [F]z & ψ]z)
6400            AOT_hence 1: [F]z  z [F]z & ψ]z for z
6401              using "∀E" by blast
6402            AOT_assume x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x)
6403            AOT_hence 2: z [F]z & ψ]z  z [F]z & ψ  ¬ψ]z for z
6404              using "∀E" by blast
6405            AOT_have [F]z  z [F]z & ψ  ¬ψ]z for z
6406              using 1 2 "≡E" by meson
6407            AOT_thus x ([F]x  z [F]z & ψ  ¬ψ]x)
6408              by (rule GEN)
6409        qed
6410    }
6411  qed
6412  AOT_hence 𝒜(z ([F]z  z [F]z & ψ]z) 
6413    (¬x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x) 
6414     ¬x ([F]x  z [F]z & ψ  ¬ψ]x))) for ψ
6415    using "nec-imp-act"[THEN "→E"] by blast
6416  AOT_hence 𝒜z ([F]z  z [F]z & ψ]z) 
6417    𝒜(¬x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x) 
6418    ¬x ([F]x  z [F]z & ψ  ¬ψ]x)) for ψ
6419    using "act-cond"[THEN "→E"] by blast
6420  AOT_hence Aux_D: 𝒜z ([F]z  z [F]z & ψ]z) 
6421    (𝒜¬x (z [F]z & ψ]x  z [F]z & ψ  ¬ψ]x) 
6422     𝒜¬x ([F]x  z [F]z & ψ  ¬ψ]x)) for ψ
6423    by (auto intro!: "→I" "Act-Basic:5"[THEN "≡E"(1)] dest!: "→E")
6424
6425  AOT_have ¬𝒜q0
6426    apply (rule "=dfI"(2)[OF q0_def])
6427     apply (fact "log-prop-prop:2")
6428    by (fact AOT)
6429  AOT_hence q0_prop_1: 𝒜¬q0
6430    using "logic-actual-nec:1"[axiom_inst, THEN "≡E"(2)] by blast
6431  {
6432    AOT_assume 1: 𝒜x([F]x  z [F]z & q0]x)
6433    AOT_have 2: x([F]x  z [F]z & q0  ¬q0]x)
6434      using Aux_B[THEN "→E", OF q0_prop[THEN "&E"(1)]].
6435    AOT_have 𝒜¬x(z [F]z & q0]x  z [F]z & q0  ¬q0]x)
6436      using Aux_C[THEN "→E", OF q0_prop_1].
6437    AOT_hence 3: 𝒜¬x([F]x  z [F]z & q0  ¬q0]x)
6438      using Aux_D[THEN "→E", OF 1, THEN "≡E"(1)] by blast
6439    AOT_hence 𝒜¬x([F]x  z [F]z & q0  ¬q0]x) &
6440               x([F]x  z [F]z & q0  ¬q0]x)
6441      using 2 "&I" by blast
6442    AOT_hence G (𝒜¬x ([F]x  [G]x) & x([F]x  [G]x))
6443      by (rule "∃I"(1)) "cqt:2[lambda]"
6444  }
6445  moreover {
6446    AOT_assume 2: ¬𝒜x([F]x  z [F]z & q0]x)
6447    AOT_hence 𝒜¬x([F]x  z [F]z & q0]x)
6448      using "logic-actual-nec:1"[axiom_inst, THEN "≡E"(2)] by blast
6449    AOT_hence 𝒜¬x ([F]x  z [F]z & q0]x) & x([F]x  z [F]z & q0]x)
6450      using Aux_A[THEN "→E", OF q0_prop[THEN "&E"(1)]] "&I" by blast
6451    AOT_hence G (𝒜¬x ([F]x  [G]x) & x([F]x  [G]x))
6452      by (rule "∃I"(1)) "cqt:2[lambda]"
6453  }
6454  ultimately AOT_show G (𝒜¬x ([F]x  [G]x) & x([F]x  [G]x))
6455    using "∨E"(1)[OF "exc-mid"] "→I" by blast
6456qed
6457
6458AOT_theorem "oa-contingent:1": O!  A!
6459proof(rule "≡dfI"[OF "=-infix"]; rule "raa-cor:2")
6460  fix x
6461  AOT_assume 1: O! = A!
6462  AOT_hence x E!x] = A!
6463    by (rule "=dfE"(2)[OF AOT_ordinary, rotated]) "cqt:2[lambda]"
6464  AOT_hence x E!x] = x ¬E!x]
6465    by (rule "=dfE"(2)[OF AOT_abstract, rotated]) "cqt:2[lambda]"
6466  moreover AOT_have x E!x]x  E!x
6467    by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6468  ultimately AOT_have x ¬E!x]x  E!x
6469    using "rule=E" by fast
6470  moreover AOT_have x ¬E!x]x  ¬E!x
6471    by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6472  ultimately AOT_have E!x  ¬E!x
6473    using "≡E"(6) "Commutativity of ≡"[THEN "≡E"(1)] by blast
6474  AOT_thus "(E!x  ¬E!x) & ¬(E!x  ¬E!x)"
6475    using "oth-class-taut:3:c" "&I" by blast
6476qed
6477
6478AOT_theorem "oa-contingent:2": O!x  ¬A!x
6479proof -
6480  AOT_have O!x  x E!x]x
6481    apply (rule "≡I"; rule "→I")
6482     apply (rule "=dfE"(2)[OF AOT_ordinary])
6483      apply "cqt:2[lambda]"
6484     apply argo
6485    apply (rule  "=dfI"(2)[OF AOT_ordinary])
6486     apply "cqt:2[lambda]"
6487    by argo
6488  also AOT_have   E!x
6489    by (rule "beta-C-meta"[THEN "→E"]) "cqt:2[lambda]"
6490  also AOT_have   ¬¬E!x
6491    using "oth-class-taut:3:b".
6492  also AOT_have   ¬x ¬E!x]x
6493    by (rule "beta-C-meta"[THEN "→E",
6494              THEN "oth-class-taut:4:b"[THEN "≡E"(1)], symmetric])
6495       "cqt:2"
6496  also AOT_have   ¬A!x
6497    apply (rule "≡I"; rule "→I")
6498     apply (rule "=dfI"(2)[OF AOT_abstract])
6499      apply "cqt:2[lambda]"
6500     apply argo
6501    apply (rule "=dfE"(2)[OF AOT_abstract])
6502     apply "cqt:2[lambda]"
6503    by argo
6504  finally show ?thesis.
6505qed
6506
6507AOT_theorem "oa-contingent:3": A!x  ¬O!x
6508  by (AOT_subst A!x ¬¬A!x)
6509     (auto simp add: "oth-class-taut:3:b" "oa-contingent:2"[THEN
6510         "oth-class-taut:4:b"[THEN "≡E"(1)], symmetric])
6511
6512AOT_theorem "oa-contingent:4": Contingent(O!)
6513proof (rule "thm-cont-prop:2"[unvarify F, OF "oa-exist:1", THEN "≡E"(2)];
6514       rule "&I")
6515  AOT_have x E!x using "thm-cont-e:3" .
6516  AOT_hence x E!x using "BF◇"[THEN "→E"] by blast
6517  then AOT_obtain a where E!a using "∃E"[rotated] by blast
6518  AOT_hence x E!x]a
6519    by (rule "beta-C-meta"[THEN "→E", THEN "≡E"(2), rotated]) "cqt:2"
6520  AOT_hence O!a
6521    by (rule "=dfI"(2)[OF AOT_ordinary, rotated]) "cqt:2"
6522  AOT_hence x O!x using "∃I" by blast
6523  AOT_thus x O!x using "T◇"[THEN "→E"] by blast
6524next
6525  AOT_obtain a where A!a
6526    using "A-objects"[axiom_inst] "∃E"[rotated] "&E" by blast
6527  AOT_hence ¬O!a using "oa-contingent:3"[THEN "≡E"(1)] by blast
6528  AOT_hence x ¬O!x using "∃I" by fast
6529  AOT_thus x ¬O!x using "T◇"[THEN "→E"] by blast
6530qed
6531
6532AOT_theorem "oa-contingent:5": Contingent(A!)
6533proof (rule "thm-cont-prop:2"[unvarify F, OF "oa-exist:2", THEN "≡E"(2)];
6534       rule "&I")
6535  AOT_obtain a where A!a
6536    using "A-objects"[axiom_inst] "∃E"[rotated] "&E" by blast
6537  AOT_hence x A!x using "∃I" by fast
6538  AOT_thus x A!x using "T◇"[THEN "→E"] by blast
6539next
6540  AOT_have x E!x using "thm-cont-e:3" .
6541  AOT_hence x E!x using "BF◇"[THEN "→E"] by blast
6542  then AOT_obtain a where E!a using "∃E"[rotated] by blast
6543  AOT_hence x E!x]a
6544    by (rule "beta-C-meta"[THEN "→E", THEN "≡E"(2), rotated]) "cqt:2[lambda]"
6545  AOT_hence O!a
6546    by (rule "=dfI"(2)[OF AOT_ordinary, rotated]) "cqt:2[lambda]"
6547  AOT_hence ¬A!a using "oa-contingent:2"[THEN "≡E"(1)] by blast
6548  AOT_hence x ¬A!x using "∃I" by fast
6549  AOT_thus x ¬A!x using "T◇"[THEN "→E"] by blast
6550qed
6551
6552AOT_theorem "oa-contingent:7": O!-x  ¬A!-x
6553proof -
6554  AOT_have O!x  ¬A!x
6555    using "oa-contingent:2" by blast
6556  also AOT_have   A!-x
6557    using "thm-relation-negation:1"[symmetric, unvarify F, OF "oa-exist:2"].
6558  finally AOT_have 1: O!x  A!-x.
6559
6560  AOT_have A!x  ¬O!x
6561    using "oa-contingent:3" by blast
6562  also AOT_have   O!-x
6563    using "thm-relation-negation:1"[symmetric, unvarify F, OF "oa-exist:1"].
6564  finally AOT_have 2: A!x  O!-x.
6565
6566  AOT_show O!-x  ¬A!-x
6567    using 1[THEN "oth-class-taut:4:b"[THEN "≡E"(1)]]
6568          "oa-contingent:3"[of _ x] 2[symmetric]
6569          "≡E"(5) by blast
6570qed
6571
6572AOT_theorem "oa-contingent:6": O!-  A!-
6573proof (rule "=-infix"[THEN "≡dfI"]; rule "raa-cor:2")
6574  AOT_assume 1: O!- = A!-
6575  fix x
6576  AOT_have A!-x  O!-x
6577    apply (rule "rule=E"[rotated, OF 1])
6578    by (fact "oth-class-taut:3:a")
6579  AOT_hence A!-x  ¬A!-x
6580    using "oa-contingent:7" "≡E" by fast
6581  AOT_thus (A!-x  ¬A!-x) & ¬(A!-x  ¬A!-x)
6582    using "oth-class-taut:3:c" "&I" by blast
6583qed
6584
6585AOT_theorem "oa-contingent:8": Contingent(O!-)
6586  using "thm-cont-prop:3"[unvarify F, OF "oa-exist:1", THEN "≡E"(1),
6587          OF "oa-contingent:4"].
6588
6589AOT_theorem "oa-contingent:9": Contingent(A!-)
6590  using "thm-cont-prop:3"[unvarify F, OF "oa-exist:2", THEN "≡E"(1),
6591          OF "oa-contingent:5"].
6592
6593AOT_define WeaklyContingent :: ‹Π  φ› (WeaklyContingent'(_'))
6594  "df-cont-nec":
6595  WeaklyContingent([F]) df Contingent([F]) & x ([F]x  [F]x)
6596
6597AOT_theorem "cont-nec-fact1:1":
6598  WeaklyContingent([F])  WeaklyContingent([F]-)
6599proof -
6600  AOT_have WeaklyContingent([F])  Contingent([F]) & x ([F]x  [F]x)
6601    using "df-cont-nec"[THEN "≡Df"] by blast
6602  also AOT_have ...  Contingent([F]-) & x ([F]x  [F]x)
6603    apply (rule "oth-class-taut:8:f"[THEN "≡E"(2)]; rule "→I")
6604    using "thm-cont-prop:3".
6605  also AOT_have   Contingent([F]-) & x ([F]-x  [F]-x)
6606  proof (rule "oth-class-taut:8:e"[THEN "≡E"(2)];
6607         rule "→I"; rule "≡I"; rule "→I"; rule GEN; rule "→I")
6608    fix x
6609    AOT_assume 0: x ([F]x  [F]x)
6610    AOT_assume 1: [F]-x
6611    AOT_have ¬[F]x
6612      by (AOT_subst (reverse) ¬[F]x [F]-x)
6613         (auto simp add: "thm-relation-negation:1" 1)
6614    AOT_hence 2: ¬[F]x
6615      using "KBasic:11"[THEN "≡E"(2)] by blast
6616    AOT_show [F]-x
6617    proof (rule "raa-cor:1")
6618      AOT_assume 3: ¬[F]-x
6619      AOT_have ¬¬[F]x
6620        by (AOT_subst (reverse) ¬[F]x [F]-x)
6621           (auto simp add: "thm-relation-negation:1" 3)
6622      AOT_hence [F]x
6623        using "conventions:5"[THEN "≡dfI"] by simp
6624      AOT_hence [F]x using 0 "∀E" "→E" by fast
6625      AOT_thus [F]x & ¬[F]x using "&I" 2 by blast
6626    qed
6627  next
6628    fix x
6629    AOT_assume 0: x ([F]-x  [F]-x)
6630    AOT_assume 1: [F]x
6631    AOT_have ¬[F]-x
6632      by (AOT_subst ¬[F]-x [F]x)
6633         (auto simp: "thm-relation-negation:2" 1)
6634    AOT_hence 2: ¬[F]-x
6635      using "KBasic:11"[THEN "≡E"(2)] by blast
6636    AOT_show [F]x
6637    proof (rule "raa-cor:1")
6638      AOT_assume 3: ¬[F]x
6639      AOT_have ¬¬[F]-x
6640        by (AOT_subst ¬[F]-x [F]x)
6641           (auto simp add: "thm-relation-negation:2" 3)
6642      AOT_hence [F]-x
6643        using "conventions:5"[THEN "≡dfI"] by simp
6644      AOT_hence [F]-x using 0 "∀E" "→E" by fast
6645      AOT_thus [F]-x & ¬[F]-x using "&I" 2 by blast
6646    qed
6647  qed
6648  also AOT_have   WeaklyContingent([F]-)
6649    using "df-cont-nec"[THEN "≡Df", symmetric] by blast
6650  finally show ?thesis.
6651qed
6652
6653AOT_theorem "cont-nec-fact1:2":
6654  (WeaklyContingent([F]) & ¬WeaklyContingent([G]))  F  G
6655proof (rule "→I"; rule "=-infix"[THEN "≡dfI"]; rule "raa-cor:2")
6656  AOT_assume 1: WeaklyContingent([F]) & ¬WeaklyContingent([G])
6657  AOT_hence WeaklyContingent([F]) using "&E" by blast
6658  moreover AOT_assume F = G
6659  ultimately AOT_have WeaklyContingent([G])
6660    using "rule=E" by blast
6661  AOT_thus WeaklyContingent([G]) & ¬WeaklyContingent([G])
6662    using 1 "&I" "&E" by blast
6663qed
6664
6665AOT_theorem "cont-nec-fact2:1": WeaklyContingent(O!)
6666proof (rule "df-cont-nec"[THEN "≡dfI"]; rule "&I")
6667  AOT_show Contingent(O!)
6668    using "oa-contingent:4".
6669next
6670  AOT_show x ([O!]x  [O!]x)
6671    apply (rule GEN; rule "→I")
6672    using "oa-facts:5"[THEN "≡E"(1)] by blast
6673qed
6674
6675
6676AOT_theorem "cont-nec-fact2:2": WeaklyContingent(A!)
6677proof (rule "df-cont-nec"[THEN "≡dfI"]; rule "&I")
6678  AOT_show Contingent(A!)
6679    using "oa-contingent:5".
6680next
6681  AOT_show x ([A!]x  [A!]x)
6682    apply (rule GEN; rule "→I")
6683    using "oa-facts:6"[THEN "≡E"(1)] by blast
6684qed
6685
6686AOT_theorem "cont-nec-fact2:3": ¬WeaklyContingent(E!)
6687proof (rule "df-cont-nec"[THEN "≡Df",
6688                          THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
6689                          THEN "≡E"(2)];
6690       rule DeMorgan(1)[THEN "≡E"(2)]; rule "∨I"(2); rule "raa-cor:2")
6691  AOT_have x (E!x & ¬𝒜E!x) using "qml:4"[axiom_inst].
6692  AOT_hence x (E!x & ¬𝒜E!x) using "BF◇"[THEN "→E"] by blast
6693  then AOT_obtain a where (E!a & ¬𝒜E!a) using "∃E"[rotated] by blast
6694  AOT_hence 1: E!a & ¬𝒜E!a using "KBasic2:3"[THEN "→E"] by simp
6695  moreover AOT_assume x ([E!]x  [E!]x)
6696  ultimately AOT_have E!a using "&E" "∀E" "→E" by fast
6697  AOT_hence 𝒜E!a using "nec-imp-act"[THEN "→E"] by blast
6698  AOT_hence 𝒜E!a using "qml-act:1"[axiom_inst, THEN "→E"] by blast
6699  moreover AOT_have ¬𝒜E!a
6700    using "KBasic:11"[THEN "≡E"(2)] 1[THEN "&E"(2)] by meson
6701  ultimately AOT_have 𝒜E!a & ¬𝒜E!a using "&I" by blast
6702  AOT_thus p & ¬p for p using "raa-cor:1" by blast
6703qed
6704
6705AOT_theorem "cont-nec-fact2:4": ¬WeaklyContingent(L)
6706  apply (rule "df-cont-nec"[THEN "≡Df",
6707                            THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
6708                            THEN "≡E"(2)];
6709       rule DeMorgan(1)[THEN "≡E"(2)]; rule "∨I"(1))
6710  apply (rule "contingent-properties:4"
6711                [THEN "≡Df",
6712                 THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
6713                 THEN "≡E"(2)])
6714  apply (rule DeMorgan(1)[THEN "≡E"(2)];
6715         rule "∨I"(2);
6716         rule "useful-tautologies:2"[THEN "→E"])
6717  using "thm-noncont-e-e:3"[THEN "contingent-properties:3"[THEN "≡dfE"]].
6718
6719AOT_theorem "cont-nec-fact2:5": O!  E! & O!  E!- & O!  L & O!  L-
6720proof -
6721  AOT_have 1: L
6722    by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
6723  {
6724    fix φ and Π Π' :: <κ>
6725    AOT_have A: ¬(φ{Π'}  φ{Π}) if  φ{Π} and ¬φ{Π'}
6726    proof (rule "raa-cor:2")
6727      AOT_assume φ{Π'}  φ{Π}
6728      AOT_hence φ{Π'} using that(1) "≡E" by blast
6729      AOT_thus φ{Π'} & ¬φ{Π'} using that(2) "&I" by blast
6730    qed
6731    AOT_have Π'  Π if Π and Π' and φ{Π} and ¬φ{Π'}
6732      using "pos-not-equiv-ne:4"[unvarify F G, THEN "→E",
6733                                 OF that(1,2), OF A[OF that(3, 4)]].
6734  } note 0 = this
6735  show ?thesis
6736    apply(safe intro!: "&I"; rule 0)
6737    using "cqt:2[concrete]"[axiom_inst] apply blast
6738    using "oa-exist:1" apply blast
6739    using "cont-nec-fact2:3" apply fast
6740    apply (rule "useful-tautologies:2"[THEN "→E"])
6741    using "cont-nec-fact2:1" apply fast
6742    using "rel-neg-T:3" apply fast
6743    using "oa-exist:1" apply blast
6744    using "cont-nec-fact1:1"[unvarify F,
6745            THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
6746            THEN "≡E"(1), rotated, OF "cont-nec-fact2:3",
6747            OF "cqt:2[concrete]"[axiom_inst]] apply fast
6748    apply (rule "useful-tautologies:2"[THEN "→E"])
6749    using "cont-nec-fact2:1" apply blast
6750    apply (rule "=dfI"(2)[OF L_def]; "cqt:2[lambda]")
6751    using "oa-exist:1" apply fast
6752    using "cont-nec-fact2:4" apply fast
6753    apply (rule "useful-tautologies:2"[THEN "→E"])
6754    using "cont-nec-fact2:1" apply fast
6755    using "rel-neg-T:3" apply fast
6756    using "oa-exist:1" apply fast
6757     apply (rule "cont-nec-fact1:1"[unvarify F,
6758                    THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
6759                    THEN "≡E"(1), rotated, OF "cont-nec-fact2:4"])
6760    apply (rule "=dfI"(2)[OF L_def]; "cqt:2[lambda]")
6761    apply (rule "useful-tautologies:2"[THEN "→E"])
6762    using "cont-nec-fact2:1" by blast
6763qed
6764
6765AOT_theorem "cont-nec-fact2:6": A!  E! & A!  E!- & A!  L & A!  L-
6766proof -
6767  AOT_have 1: L
6768    by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
6769  {
6770    fix φ and Π Π' :: <κ>
6771    AOT_have A: ¬(φ{Π'}  φ{Π}) if  φ{Π} and ¬φ{Π'}
6772    proof (rule "raa-cor:2")
6773      AOT_assume φ{Π'}  φ{Π}
6774      AOT_hence φ{Π'} using that(1) "≡E" by blast
6775      AOT_thus φ{Π'} & ¬φ{Π'} using that(2) "&I" by blast
6776    qed
6777    AOT_have Π'  Π if Π and Π' and φ{Π} and ¬φ{Π'}
6778      using "pos-not-equiv-ne:4"[unvarify F G, THEN "→E",
6779              OF that(1,2), OF A[OF that(3, 4)]].
6780  } note 0 = this
6781  show ?thesis
6782    apply(safe intro!: "&I"; rule 0)
6783    using "cqt:2[concrete]"[axiom_inst] apply blast
6784    using "oa-exist:2" apply blast
6785    using "cont-nec-fact2:3" apply fast
6786    apply (rule "useful-tautologies:2"[THEN "→E"])
6787    using "cont-nec-fact2:2" apply fast
6788    using "rel-neg-T:3" apply fast
6789    using "oa-exist:2" apply blast
6790    using "cont-nec-fact1:1"[unvarify F,
6791            THEN "oth-class-taut:4:b"[THEN "≡E"(1)], THEN "≡E"(1),
6792            rotated, OF "cont-nec-fact2:3",
6793            OF "cqt:2[concrete]"[axiom_inst]] apply fast
6794    apply (rule "useful-tautologies:2"[THEN "→E"])
6795    using "cont-nec-fact2:2" apply blast
6796    apply (rule "=dfI"(2)[OF L_def]; "cqt:2[lambda]")
6797    using "oa-exist:2" apply fast
6798    using "cont-nec-fact2:4" apply fast
6799    apply (rule "useful-tautologies:2"[THEN "→E"])
6800    using "cont-nec-fact2:2" apply fast
6801    using "rel-neg-T:3" apply fast
6802    using "oa-exist:2" apply fast
6803     apply (rule "cont-nec-fact1:1"[unvarify F,
6804              THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
6805              THEN "≡E"(1), rotated, OF "cont-nec-fact2:4"])
6806     apply (rule "=dfI"(2)[OF L_def]; "cqt:2[lambda]")
6807    apply (rule "useful-tautologies:2"[THEN "→E"])
6808    using "cont-nec-fact2:2" by blast
6809qed
6810
6811AOT_define necessary_or_contingently_false :: ‹φ  φ› ("Δ_" [49] 54)
6812  Δp df p  (¬𝒜p & p)
6813
6814AOT_theorem sixteen:
6815 shows F1F2F3F4F5F6F7F8F9F10F11F12F13F14F15F16 (
6816  «F1::<κ>»  F2 & F1  F3 & F1  F4 & F1  F5 & F1  F6 & F1  F7 &
6817    F1  F8 & F1  F9 & F1  F10 & F1  F11 & F1  F12 & F1  F13 &
6818    F1  F14 & F1  F15 & F1  F16 &
6819  F2  F3 & F2  F4 & F2  F5 & F2  F6 & F2  F7 & F2  F8 &
6820    F2  F9 & F2  F10 & F2  F11 & F2  F12 & F2  F13 & F2  F14 &
6821    F2  F15 & F2  F16 &
6822  F3  F4 & F3  F5 & F3  F6 & F3  F7 & F3  F8 & F3  F9 & F3  F10 &
6823    F3  F11 & F3  F12 & F3  F13 & F3  F14 & F3  F15 & F3  F16 &
6824  F4  F5 & F4  F6 & F4  F7 & F4  F8 & F4  F9 & F4  F10 & F4  F11 &
6825    F4  F12 & F4  F13 & F4  F14 & F4  F15 & F4  F16 &
6826  F5  F6 & F5  F7 & F5  F8 & F5  F9 & F5  F10 & F5  F11 & F5  F12 &
6827    F5  F13 & F5  F14 & F5  F15 & F5  F16 &
6828  F6  F7 & F6  F8 & F6  F9 & F6  F10 & F6  F11 & F6  F12 & F6  F13 &
6829    F6  F14 & F6  F15 & F6  F16 &
6830  F7  F8 & F7  F9 & F7  F10 & F7  F11 & F7  F12 & F7  F13 & F7  F14 &
6831    F7  F15 & F7  F16 &
6832  F8  F9 & F8  F10 & F8  F11 & F8  F12 & F8  F13 & F8  F14 & F8  F15 &
6833    F8  F16 &
6834  F9  F10 & F9  F11 & F9  F12 & F9  F13 & F9  F14 & F9  F15 & F9  F16 &
6835  F10  F11 & F10  F12 & F10  F13 & F10  F14 & F10  F15 & F10  F16 &
6836  F11  F12 & F11  F13 & F11  F14 & F11  F15 & F11  F16 &
6837  F12  F13 & F12  F14 & F12  F15 & F12  F16 &
6838  F13  F14 & F13  F15 & F13  F16 &
6839  F14  F15 & F14  F16 &
6840  F15  F16) 
6841proof -
6842  AOT_have Delta_pos: Δφ  φ for φ
6843  proof(rule "→I")
6844    AOT_assume Δφ
6845    AOT_hence φ  (¬𝒜φ & φ)
6846      using "≡dfE"[OF necessary_or_contingently_false] by blast
6847    moreover {
6848      AOT_assume φ
6849      AOT_hence φ
6850        by (metis "B◇" "T◇" "vdash-properties:10")
6851    }
6852    moreover {
6853      AOT_assume ¬𝒜φ & φ
6854      AOT_hence φ
6855        using "&E" by blast
6856    }
6857    ultimately AOT_show φ
6858      by (metis "∨E"(2) "raa-cor:1") 
6859  qed
6860
6861  AOT_have act_and_not_nec_not_delta: ¬Δφ if 𝒜φ and ¬φ for φ
6862    using "≡dfE" "&E"(1) "∨E"(2) necessary_or_contingently_false
6863          "raa-cor:3" that(1,2) by blast
6864  AOT_have act_and_pos_not_not_delta: ¬Δφ if 𝒜φ and ¬φ for φ
6865    using "KBasic:11" act_and_not_nec_not_delta "≡E"(2) that(1,2) by blast
6866  AOT_have impossible_delta: ¬Δφ if ¬φ for φ
6867    using Delta_pos "modus-tollens:1" that by blast
6868  AOT_have not_act_and_pos_delta: Δφ if ¬𝒜φ and φ for φ
6869    by (meson "≡dfI" "&I" "∨I"(2) necessary_or_contingently_false that(1,2))
6870  AOT_have nec_delta: Δφ if φ for φ
6871    using "≡dfI" "∨I"(1) necessary_or_contingently_false that by blast
6872
6873  AOT_obtain a where a_prop: A!a
6874    using "A-objects"[axiom_inst] "∃E"[rotated] "&E" by blast
6875  AOT_obtain b where b_prop: [E!]b & ¬𝒜[E!]b
6876    using "pos-not-pna:3" using "∃E"[rotated] by blast
6877
6878  AOT_have b_ord: [O!]b
6879  proof(rule "=dfI"(2)[OF AOT_ordinary])
6880    AOT_show x [E!]x] by "cqt:2[lambda]"
6881  next
6882    AOT_show x [E!]x]b
6883    proof (rule "β←C"(1); ("cqt:2[lambda]")?)
6884      AOT_show b by (rule "cqt:2[const_var]"[axiom_inst])
6885      AOT_show [E!]b by (fact b_prop[THEN "&E"(1)])
6886    qed
6887  qed
6888
6889  AOT_have nec_not_L_neg: ¬[L-]x for x
6890    using "thm-noncont-e-e:2" "contingent-properties:2"[THEN "≡dfE"] "&E"
6891          CBF[THEN "→E"] "∀E" by blast
6892  AOT_have nec_L: [L]x for x
6893    using "thm-noncont-e-e:1" "contingent-properties:1"[THEN "≡dfE"]
6894      CBF[THEN "→E"] "∀E" by blast
6895
6896  AOT_have act_ord_b: 𝒜[O!]b
6897    using b_ord "≡E"(1) "oa-facts:7" by blast
6898  AOT_have delta_ord_b: Δ[O!]b
6899    by (meson "≡dfI" b_ord "∨I"(1) necessary_or_contingently_false
6900              "oa-facts:1" "→E")
6901  AOT_have not_act_ord_a: ¬𝒜[O!]a
6902    by (meson a_prop "≡E"(1) "≡E"(3) "oa-contingent:3" "oa-facts:7")
6903  AOT_have not_delta_ord_a: ¬Δ[O!]a
6904    by (metis Delta_pos "≡E"(4) not_act_ord_a "oa-facts:3" "oa-facts:7"
6905              "reductio-aa:1" "→E")
6906
6907  AOT_have not_act_abs_b: ¬𝒜[A!]b
6908    by (meson b_ord "≡E"(1) "≡E"(3) "oa-contingent:2" "oa-facts:8")
6909  AOT_have not_delta_abs_b: ¬Δ[A!]b
6910  proof(rule "raa-cor:2")
6911    AOT_assume Δ[A!]b
6912    AOT_hence [A!]b
6913      by (metis Delta_pos "vdash-properties:10")
6914    AOT_thus [A!]b & ¬[A!]b
6915      by (metis b_ord "&I" "≡E"(1) "oa-contingent:2"
6916                "oa-facts:4" "→E")
6917  qed
6918  AOT_have act_abs_a: 𝒜[A!]a
6919    using a_prop "≡E"(1) "oa-facts:8" by blast
6920  AOT_have delta_abs_a: Δ[A!]a
6921    by (metis "≡dfI" a_prop "oa-facts:2" "→E" "∨I"(1)
6922              necessary_or_contingently_false)
6923
6924  AOT_have not_act_concrete_b: ¬𝒜[E!]b
6925    using b_prop "&E"(2) by blast
6926  AOT_have delta_concrete_b: Δ[E!]b
6927  proof (rule "≡dfI"[OF necessary_or_contingently_false];
6928         rule "∨I"(2); rule "&I")
6929    AOT_show ¬𝒜[E!]b using b_prop "&E"(2) by blast
6930  next
6931    AOT_show [E!]b using b_prop "&E"(1) by blast
6932  qed
6933  AOT_have not_act_concrete_a: ¬𝒜[E!]a
6934  proof (rule "raa-cor:2")
6935    AOT_assume 𝒜[E!]a
6936    AOT_hence 1: [E!]a by (metis "Act-Sub:3" "→E")
6937    AOT_have [A!]a by (simp add: a_prop)
6938    AOT_hence x ¬[E!]x]a
6939      by (rule "=dfE"(2)[OF AOT_abstract, rotated]) "cqt:2"
6940    AOT_hence ¬[E!]a using "β→C"(1) by blast
6941    AOT_thus [E!]a & ¬[E!]a using 1 "&I" by blast
6942  qed
6943  AOT_have not_delta_concrete_a: ¬Δ[E!]a
6944  proof (rule "raa-cor:2")
6945    AOT_assume Δ[E!]a
6946    AOT_hence 1: [E!]a by (metis Delta_pos "vdash-properties:10")
6947    AOT_have [A!]a by (simp add: a_prop)
6948    AOT_hence x ¬[E!]x]a
6949      by (rule "=dfE"(2)[OF AOT_abstract, rotated]) "cqt:2[lambda]"
6950    AOT_hence ¬[E!]a using "β→C"(1) by blast
6951    AOT_thus [E!]a & ¬[E!]a using 1 "&I" by blast
6952  qed
6953
6954  AOT_have not_act_q_zero: ¬𝒜q0
6955    by (meson "log-prop-prop:2" "pos-not-pna:1"
6956              q0_def "reductio-aa:1" "rule-id-df:2:a[zero]")
6957  AOT_have delta_q_zero: Δq0
6958  proof(rule "≡dfI"[OF necessary_or_contingently_false];
6959        rule "∨I"(2); rule "&I")
6960    AOT_show ¬𝒜q0 using not_act_q_zero.
6961    AOT_show q0 by (meson "&E"(1) q0_prop)
6962  qed
6963  AOT_have act_not_q_zero: 𝒜¬q0
6964    using "Act-Basic:1" "∨E"(2) not_act_q_zero by blast
6965  AOT_have not_delta_not_q_zero: ¬Δ¬q0
6966    using "≡dfE" "conventions:5" "Act-Basic:1" act_and_not_nec_not_delta
6967          "&E"(1) "∨E"(2) not_act_q_zero q0_prop by blast
6968
6969  AOT_have [L-] by (simp add: "rel-neg-T:3")
6970  moreover AOT_have ¬𝒜[L-]b & ¬Δ[L-]b & ¬𝒜[L-]a & ¬Δ[L-]a
6971  proof (safe intro!: "&I")
6972    AOT_show ¬𝒜[L-]b
6973      by (meson "≡E"(1) "logic-actual-nec:1"[axiom_inst] "nec-imp-act"
6974                nec_not_L_neg "→E")
6975    AOT_show ¬Δ[L-]b
6976      by (meson Delta_pos "KBasic2:1" "≡E"(1)
6977                "modus-tollens:1" nec_not_L_neg)
6978    AOT_show ¬𝒜[L-]a
6979      by (meson "≡E"(1) "logic-actual-nec:1"[axiom_inst]
6980                "nec-imp-act" nec_not_L_neg "→E")
6981    AOT_show ¬Δ[L-]a
6982      using Delta_pos "KBasic2:1" "≡E"(1) "modus-tollens:1"
6983            nec_not_L_neg by blast
6984  qed
6985  ultimately AOT_obtain F0 where ¬𝒜[F0]b & ¬Δ[F0]b & ¬𝒜[F0]a & ¬Δ[F0]a
6986    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
6987  AOT_hence ¬𝒜[F0]b and ¬Δ[F0]b and ¬𝒜[F0]a and ¬Δ[F0]a
6988    using "&E" by blast+
6989  note props = this
6990
6991  let  = "«y [A!]y & q0]»"
6992  AOT_modally_strict {
6993    AOT_have [«»] by "cqt:2[lambda]"
6994  } note 1 = this
6995  moreover AOT_have ¬𝒜[«»]b & ¬Δ[«»]b & ¬𝒜[«»]a & Δ[«»]a
6996  proof (safe intro!: "&I"; AOT_subst y A!y & q0]x A!x & q0 for: x)
6997    AOT_show ¬𝒜([A!]b & q0)
6998      using "Act-Basic:2" "&E"(1) "≡E"(1) not_act_abs_b "raa-cor:3" by blast
6999  next AOT_show ¬Δ([A!]b & q0)
7000      by (metis Delta_pos "KBasic2:3" "&E"(1) "≡E"(4) not_act_abs_b
7001                "oa-facts:4" "oa-facts:8" "raa-cor:3" "→E")
7002  next AOT_show ¬𝒜([A!]a & q0)
7003      using "Act-Basic:2" "&E"(2) "≡E"(1) not_act_q_zero
7004            "raa-cor:3" by blast
7005  next AOT_show Δ([A!]a & q0)
7006    proof (rule not_act_and_pos_delta)
7007      AOT_show ¬𝒜([A!]a & q0)
7008        using "Act-Basic:2" "&E"(2) "≡E"(4) not_act_q_zero
7009              "raa-cor:3" by blast
7010    next AOT_show ([A!]a & q0)
7011        by (metis "&I" "→E" Delta_pos "KBasic:16" "&E"(1) delta_abs_a
7012                  "≡E"(1) "oa-facts:6" q0_prop)
7013    qed
7014  qed(auto simp: "beta-C-meta"[THEN "→E", OF 1])
7015  ultimately AOT_obtain F1 where ¬𝒜[F1]b & ¬Δ[F1]b & ¬𝒜[F1]a & Δ[F1]a
7016    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
7017  AOT_hence ¬𝒜[F1]b and ¬Δ[F1]b and ¬𝒜[F1]a and Δ[F1]a
7018    using "&E" by blast+
7019  note props = props this
7020
7021  let  = "«y [A!]y & ¬q0]»"
7022  AOT_modally_strict {
7023    AOT_have [«»] by "cqt:2[lambda]"
7024  } note 1 = this
7025  moreover AOT_have ¬𝒜[«»]b & ¬Δ[«»]b & 𝒜[«»]a & ¬Δ[«»]a
7026  proof (safe intro!: "&I"; AOT_subst y A!y & ¬q0]x A!x & ¬q0 for: x)
7027    AOT_show ¬𝒜([A!]b & ¬q0)
7028      using "Act-Basic:2" "&E"(1) "≡E"(1) not_act_abs_b "raa-cor:3" by blast
7029  next AOT_show ¬Δ([A!]b & ¬q0)
7030      by (meson "RM◇" Delta_pos "Conjunction Simplification"(1) "≡E"(4)
7031                "modus-tollens:1" not_act_abs_b "oa-facts:4" "oa-facts:8")
7032  next AOT_show 𝒜([A!]a & ¬q0)
7033      by (metis "Act-Basic:1" "Act-Basic:2" act_abs_a "&I" "∨E"(2)
7034                "≡E"(3) not_act_q_zero "raa-cor:3")
7035  next AOT_show ¬Δ([A!]a & ¬q0)
7036    proof (rule act_and_not_nec_not_delta)
7037      AOT_show 𝒜([A!]a & ¬q0)
7038        by (metis "Act-Basic:1" "Act-Basic:2" act_abs_a "&I" "∨E"(2)
7039                  "≡E"(3) not_act_q_zero "raa-cor:3")
7040    next
7041      AOT_show ¬([A!]a & ¬q0)
7042        by (metis "KBasic2:1" "KBasic:3" "&E"(1) "&E"(2) "≡E"(4)
7043                  q0_prop "raa-cor:3")
7044    qed
7045  qed(auto simp: "beta-C-meta"[THEN "→E", OF 1])
7046  ultimately AOT_obtain F2 where ¬𝒜[F2]b & ¬Δ[F2]b & 𝒜[F2]a & ¬Δ[F2]a
7047    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
7048  AOT_hence ¬𝒜[F2]b and ¬Δ[F2]b and 𝒜[F2]a and ¬Δ[F2]a
7049    using "&E" by blast+
7050  note props = props this
7051
7052  AOT_have abstract_prop: ¬𝒜[A!]b & ¬Δ[A!]b & 𝒜[A!]a & Δ[A!]a
7053    using act_abs_a "&I" delta_abs_a not_act_abs_b not_delta_abs_b
7054    by presburger
7055  then AOT_obtain F3 where ¬𝒜[F3]b & ¬Δ[F3]b & 𝒜[F3]a & Δ[F3]a
7056    using "∃I"(1)[rotated, THEN "∃E"[rotated]] "oa-exist:2" by fastforce
7057  AOT_hence ¬𝒜[F3]b and ¬Δ[F3]b and 𝒜[F3]a and Δ[F3]a
7058    using "&E" by blast+
7059  note props = props this
7060
7061  AOT_have ¬𝒜[E!]b & Δ[E!]b & ¬𝒜[E!]a & ¬Δ[E!]a
7062    by (meson "&I" delta_concrete_b not_act_concrete_a
7063              not_act_concrete_b not_delta_concrete_a)
7064  then AOT_obtain F4 where ¬𝒜[F4]b & Δ[F4]b & ¬𝒜[F4]a & ¬Δ[F4]a
7065    using "cqt:2[concrete]"[axiom_inst] "∃I"(1)[rotated, THEN "∃E"[rotated]]
7066    by fastforce
7067  AOT_hence ¬𝒜[F4]b and Δ[F4]b and ¬𝒜[F4]a and ¬Δ[F4]a
7068    using "&E" by blast+
7069  note props = props this
7070
7071  AOT_modally_strict {
7072    AOT_have y q0] by "cqt:2[lambda]"
7073  } note 1 = this
7074  moreover AOT_have ¬𝒜y q0]b & Δy q0]b & ¬𝒜y q0]a & Δy q0]a
7075    by (safe intro!: "&I"; AOT_subst y q0]b q0 for: b)
7076       (auto simp: not_act_q_zero delta_q_zero  "beta-C-meta"[THEN "→E", OF 1])
7077  ultimately AOT_obtain F5 where ¬𝒜[F5]b & Δ[F5]b & ¬𝒜[F5]a & Δ[F5]a
7078    using "cqt:2[concrete]"[axiom_inst] "∃I"(1)[rotated, THEN "∃E"[rotated]]
7079    by fastforce
7080  AOT_hence ¬𝒜[F5]b and Δ[F5]b and ¬𝒜[F5]a and Δ[F5]a
7081    using "&E" by blast+
7082  note props = props this
7083
7084  let  = "«y [E!]y  ([A!]y & ¬q0)]»"
7085  AOT_modally_strict {
7086    AOT_have [«»] by "cqt:2[lambda]"
7087  } note 1 = this
7088  moreover AOT_have ¬𝒜[«»]b & Δ[«»]b & 𝒜[«»]a & ¬Δ[«»]a
7089  proof(safe intro!: "&I";
7090        AOT_subst y E!y  (A!y & ¬q0)]x E!x  (A!x & ¬q0) for: x)
7091    AOT_have 𝒜¬([A!]b & ¬q0)
7092      by (metis "Act-Basic:1" "Act-Basic:2" abstract_prop "&E"(1) "∨E"(2)
7093                "≡E"(1) "raa-cor:3")
7094    moreover AOT_have ¬𝒜[E!]b
7095      using b_prop "&E"(2) by blast
7096    ultimately AOT_have 2: 𝒜(¬[E!]b & ¬([A!]b & ¬q0))
7097      by (metis "Act-Basic:2" "Act-Sub:1" "&I" "≡E"(3) "raa-cor:1")
7098    AOT_have 𝒜¬([E!]b  ([A!]b & ¬q0))
7099      by (AOT_subst ¬([E!]b  ([A!]b & ¬q0)) ¬[E!]b & ¬([A!]b & ¬q0))
7100         (auto simp: "oth-class-taut:5:d" 2)
7101    AOT_thus ¬𝒜([E!]b  ([A!]b & ¬q0))
7102      by (metis "¬¬I" "Act-Sub:1" "≡E"(4))
7103  next
7104    AOT_show Δ([E!]b  ([A!]b & ¬q0))
7105    proof (rule not_act_and_pos_delta)
7106      AOT_show ¬𝒜([E!]b  ([A!]b & ¬q0))
7107        by (metis "Act-Basic:2" "Act-Basic:9" "∨E"(2) "raa-cor:3"
7108                  "Conjunction Simplification"(1) "≡E"(4)
7109                  "modus-tollens:1" not_act_abs_b not_act_concrete_b)
7110    next
7111      AOT_show ([E!]b  ([A!]b & ¬q0))
7112        using "KBasic2:2" b_prop "&E"(1) "∨I"(1) "≡E"(3) "raa-cor:3" by blast
7113    qed
7114  next AOT_show 𝒜([E!]a  ([A!]a & ¬q0))
7115      by (metis "Act-Basic:1" "Act-Basic:2" "Act-Basic:9" act_abs_a "&I"
7116                "∨I"(2) "∨E"(2) "≡E"(3) not_act_q_zero "raa-cor:1")
7117  next AOT_show ¬Δ([E!]a  ([A!]a & ¬q0))
7118    proof (rule act_and_not_nec_not_delta)
7119      AOT_show 𝒜([E!]a  ([A!]a & ¬q0))
7120        by (metis "Act-Basic:1" "Act-Basic:2" "Act-Basic:9" act_abs_a "&I"
7121                  "∨I"(2) "∨E"(2) "≡E"(3) not_act_q_zero "raa-cor:1")
7122    next
7123      AOT_have ¬[E!]a
7124        by (metis "≡dfI" "conventions:5" "&I" "∨I"(2)
7125                  necessary_or_contingently_false
7126                  not_act_concrete_a not_delta_concrete_a "raa-cor:3")
7127      moreover AOT_have ¬([A!]a & ¬q0)
7128        by (metis "KBasic2:1" "KBasic:11" "KBasic:3"
7129                  "&E"(1,2) "≡E"(1) q0_prop "raa-cor:3")
7130      ultimately AOT_have (¬[E!]a & ¬([A!]a & ¬q0))
7131        by (metis "KBasic:16" "&I" "vdash-properties:10")
7132      AOT_hence ¬([E!]a  ([A!]a & ¬q0))
7133        by (metis "RE◇" "≡E"(2) "oth-class-taut:5:d")
7134      AOT_thus ¬([E!]a  ([A!]a & ¬q0))
7135        by (metis "KBasic:12" "≡E"(1) "raa-cor:3")
7136    qed
7137  qed(auto simp: "beta-C-meta"[THEN "→E", OF 1])
7138  ultimately AOT_obtain F6 where ¬𝒜[F6]b & Δ[F6]b & 𝒜[F6]a & ¬Δ[F6]a
7139    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
7140  AOT_hence ¬𝒜[F6]b and Δ[F6]b and 𝒜[F6]a and ¬Δ[F6]a
7141    using "&E" by blast+
7142  note props = props this
7143
7144  let  = "«y [A!]y  [E!]y]»"
7145  AOT_modally_strict {
7146    AOT_have [«»] by "cqt:2[lambda]"
7147  } note 1 = this
7148  moreover AOT_have ¬𝒜[«»]b & Δ[«»]b & 𝒜[«»]a & Δ[«»]a
7149  proof(safe intro!: "&I"; AOT_subst y A!y  E!y]x A!x  E!x for: x)
7150    AOT_show ¬𝒜([A!]b  [E!]b)
7151      using "Act-Basic:9" "∨E"(2) "≡E"(4) not_act_abs_b
7152            not_act_concrete_b "raa-cor:3" by blast
7153  next AOT_show Δ([A!]b  [E!]b)
7154    proof (rule not_act_and_pos_delta)
7155      AOT_show ¬𝒜([A!]b  [E!]b)
7156        using "Act-Basic:9" "∨E"(2) "≡E"(4) not_act_abs_b
7157              not_act_concrete_b "raa-cor:3" by blast
7158    next AOT_show ([A!]b  [E!]b)
7159        using "KBasic2:2" b_prop "&E"(1) "∨I"(2) "≡E"(2) by blast
7160    qed
7161  next AOT_show 𝒜([A!]a  [E!]a)
7162      by (meson "Act-Basic:9" act_abs_a "∨I"(1) "≡E"(2))
7163  next AOT_show Δ([A!]a  [E!]a)
7164    proof (rule nec_delta)
7165      AOT_show ([A!]a  [E!]a)
7166        by (metis "KBasic:15" act_abs_a act_and_not_nec_not_delta
7167                  "Disjunction Addition"(1) delta_abs_a "raa-cor:3" "→E")
7168    qed
7169  qed(auto simp: "beta-C-meta"[THEN "→E", OF 1])
7170  ultimately AOT_obtain F7 where ¬𝒜[F7]b & Δ[F7]b & 𝒜[F7]a & Δ[F7]a
7171    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
7172  AOT_hence ¬𝒜[F7]b and Δ[F7]b and 𝒜[F7]a and Δ[F7]a
7173    using "&E" by blast+
7174  note props = props this
7175
7176  let  = "«y [O!]y & ¬[E!]y]»"
7177  AOT_modally_strict {
7178    AOT_have [«»] by "cqt:2[lambda]"
7179  } note 1 = this
7180  moreover AOT_have 𝒜[«»]b & ¬Δ[«»]b & ¬𝒜[«»]a & ¬Δ[«»]a
7181  proof(safe intro!: "&I"; AOT_subst y O!y & ¬E!y]x O!x & ¬E!x for: x)
7182    AOT_show 𝒜([O!]b & ¬[E!]b)
7183      by (metis "Act-Basic:1" "Act-Basic:2" act_ord_b "&I" "∨E"(2)
7184                "≡E"(3) not_act_concrete_b "raa-cor:3")
7185  next AOT_show ¬Δ([O!]b & ¬[E!]b)
7186      by (metis (no_types, hide_lams) "conventions:5" "Act-Sub:1" "RM:1"
7187                act_and_not_nec_not_delta "act-conj-act:3"
7188                act_ord_b b_prop "&I" "&E"(1) "Conjunction Simplification"(2)
7189                "df-rules-formulas[3]"
7190                "≡E"(3) "raa-cor:1" "→E")
7191  next AOT_show ¬𝒜([O!]a & ¬[E!]a)
7192      using "Act-Basic:2" "&E"(1) "≡E"(1) not_act_ord_a "raa-cor:3" by blast
7193  next AOT_have ¬([O!]a & ¬[E!]a)
7194      by (metis "KBasic2:3" "&E"(1) "≡E"(4) not_act_ord_a "oa-facts:3"
7195                "oa-facts:7" "raa-cor:3" "vdash-properties:10")
7196    AOT_thus ¬Δ([O!]a & ¬[E!]a)
7197      by (rule impossible_delta)
7198  qed(auto simp: "beta-C-meta"[THEN "→E", OF 1])
7199  ultimately AOT_obtain F8 where 𝒜[F8]b & ¬Δ[F8]b & ¬𝒜[F8]a & ¬Δ[F8]a
7200    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
7201  AOT_hence 𝒜[F8]b and ¬Δ[F8]b and ¬𝒜[F8]a and ¬Δ[F8]a
7202    using "&E" by blast+
7203  note props = props this
7204
7205  let  = "«y ¬[E!]y & ([O!]y  q0)]»"
7206  AOT_modally_strict {
7207    AOT_have [«»] by "cqt:2[lambda]"
7208  } note 1 = this
7209  moreover AOT_have 𝒜[«»]b & ¬Δ[«»]b & ¬𝒜[«»]a & Δ[«»]a
7210  proof(safe intro!: "&I";
7211        AOT_subst y ¬E!y & (O!y  q0)]x ¬E!x & (O!x  q0) for: x)
7212    AOT_show 𝒜(¬[E!]b & ([O!]b  q0))
7213      by (metis "Act-Basic:1" "Act-Basic:2" "Act-Basic:9" act_ord_b "&I"
7214                "∨I"(1) "∨E"(2) "≡E"(3) not_act_concrete_b "raa-cor:1")
7215  next AOT_show ¬Δ(¬[E!]b & ([O!]b  q0))
7216    proof (rule act_and_pos_not_not_delta)
7217      AOT_show 𝒜(¬[E!]b & ([O!]b  q0))
7218        by (metis "Act-Basic:1" "Act-Basic:2" "Act-Basic:9" act_ord_b "&I"
7219                  "∨I"(1) "∨E"(2) "≡E"(3) not_act_concrete_b "raa-cor:1")
7220    next
7221      AOT_show ¬(¬[E!]b & ([O!]b  q0))
7222      proof (AOT_subst ¬(¬[E!]b & ([O!]b  q0)) [E!]b  ¬([O!]b  q0))
7223        AOT_modally_strict {
7224          AOT_show ¬(¬[E!]b & ([O!]b  q0))  [E!]b  ¬([O!]b  q0)
7225            by (metis "&I" "&E"(1,2) "∨I"(1,2) "∨E"(2)
7226                      "→I" "≡I" "reductio-aa:1")
7227        }
7228      next
7229        AOT_show ([E!]b  ¬([O!]b  q0))
7230          using "KBasic2:2" b_prop "&E"(1) "∨I"(1) "≡E"(3)
7231                "raa-cor:3" by blast
7232       qed
7233     qed
7234   next
7235     AOT_show ¬𝒜(¬[E!]a & ([O!]a  q0))
7236       using "Act-Basic:2" "Act-Basic:9" "&E"(2) "∨E"(3) "≡E"(1)
7237             not_act_ord_a not_act_q_zero "reductio-aa:2" by blast
7238   next
7239     AOT_show Δ(¬[E!]a & ([O!]a  q0))
7240     proof (rule not_act_and_pos_delta)
7241       AOT_show ¬𝒜(¬[E!]a & ([O!]a  q0))
7242         by (metis "Act-Basic:2" "Act-Basic:9" "&E"(2) "∨E"(3) "≡E"(1)
7243                   not_act_ord_a not_act_q_zero "reductio-aa:2")
7244     next
7245       AOT_have ¬[E!]a
7246         using "KBasic2:1" "≡E"(2) not_act_and_pos_delta not_act_concrete_a
7247               not_delta_concrete_a "raa-cor:5" by blast
7248       moreover AOT_have ([O!]a  q0)
7249         by (metis "KBasic2:2" "&E"(1) "∨I"(2) "≡E"(3) q0_prop "raa-cor:3")
7250       ultimately AOT_show (¬[E!]a & ([O!]a  q0))
7251         by (metis "KBasic:16" "&I" "vdash-properties:10")
7252     qed
7253   qed(auto simp:  "beta-C-meta"[THEN "→E", OF 1])
7254  ultimately AOT_obtain F9 where 𝒜[F9]b & ¬Δ[F9]b & ¬𝒜[F9]a & Δ[F9]a
7255    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
7256  AOT_hence 𝒜[F9]b and ¬Δ[F9]b and ¬𝒜[F9]a and Δ[F9]a
7257    using "&E" by blast+
7258  note props = props this
7259
7260  AOT_modally_strict {
7261    AOT_have y ¬q0] by "cqt:2[lambda]"
7262  } note 1 = this
7263  moreover AOT_have 𝒜y ¬q0]b & ¬Δy ¬q0]b & 𝒜y ¬q0]a & ¬Δy ¬q0]a
7264    by (safe intro!: "&I"; AOT_subst y ¬q0]x ¬q0 for: x)
7265       (auto simp: act_not_q_zero not_delta_not_q_zero
7266                   "beta-C-meta"[THEN "→E", OF 1])
7267  ultimately AOT_obtain F10 where 𝒜[F10]b & ¬Δ[F10]b & 𝒜[F10]a & ¬Δ[F10]a
7268    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
7269  AOT_hence 𝒜[F10]b and ¬Δ[F10]b and 𝒜[F10]a and ¬Δ[F10]a
7270    using "&E" by blast+
7271  note props = props this
7272
7273  AOT_modally_strict {
7274    AOT_have y ¬[E!]y] by "cqt:2[lambda]"
7275  } note 1 = this
7276  moreover AOT_have 𝒜y ¬[E!]y]b & ¬Δy ¬[E!]y]b &
7277                     𝒜y ¬[E!]y]a & Δy ¬[E!]y]a
7278  proof (safe intro!: "&I"; AOT_subst y ¬[E!]y]x ¬[E!]x for: x)
7279    AOT_show 𝒜¬[E!]b
7280      using "Act-Basic:1" "∨E"(2) not_act_concrete_b by blast
7281  next AOT_show ¬Δ¬[E!]b
7282      using "≡dfE" "conventions:5" "Act-Basic:1" act_and_not_nec_not_delta
7283            b_prop "&E"(1) "∨E"(2) not_act_concrete_b by blast
7284  next AOT_show 𝒜¬[E!]a
7285      using "Act-Basic:1" "∨E"(2) not_act_concrete_a by blast
7286  next AOT_show Δ¬[E!]a
7287      using "KBasic2:1" "≡E"(2) nec_delta not_act_and_pos_delta
7288            not_act_concrete_a not_delta_concrete_a "reductio-aa:1"
7289      by blast
7290  qed(auto simp: "beta-C-meta"[THEN "→E", OF 1])
7291  ultimately AOT_obtain F11 where 𝒜[F11]b & ¬Δ[F11]b & 𝒜[F11]a & Δ[F11]a
7292    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
7293  AOT_hence 𝒜[F11]b and ¬Δ[F11]b and 𝒜[F11]a and Δ[F11]a
7294    using "&E" by blast+
7295  note props = props this
7296
7297  AOT_have 𝒜[O!]b & Δ[O!]b & ¬𝒜[O!]a & ¬Δ[O!]a
7298    by (simp add: act_ord_b "&I" delta_ord_b not_act_ord_a not_delta_ord_a)
7299  then AOT_obtain F12 where 𝒜[F12]b & Δ[F12]b & ¬𝒜[F12]a & ¬Δ[F12]a
7300    using "oa-exist:1" "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
7301  AOT_hence 𝒜[F12]b and Δ[F12]b and ¬𝒜[F12]a and ¬Δ[F12]a
7302    using "&E" by blast+
7303  note props = props this
7304
7305  let  = "«y [O!]y  q0]»"
7306  AOT_modally_strict {
7307    AOT_have [«»] by "cqt:2[lambda]"
7308  } note 1 = this
7309  moreover AOT_have 𝒜[«»]b & Δ[«»]b & ¬𝒜[«»]a & Δ[«»]a
7310  proof (safe intro!: "&I"; AOT_subst y O!y  q0]x O!x  q0 for: x)
7311    AOT_show 𝒜([O!]b  q0)
7312      by (meson "Act-Basic:9" act_ord_b "∨I"(1) "≡E"(2))
7313  next AOT_show Δ([O!]b  q0)
7314      by (meson "KBasic:15" b_ord "∨I"(1) nec_delta "oa-facts:1" "→E")
7315  next AOT_show ¬𝒜([O!]a  q0)
7316      using "Act-Basic:9" "∨E"(2) "≡E"(4) not_act_ord_a
7317            not_act_q_zero "raa-cor:3" by blast
7318  next AOT_show Δ([O!]a  q0)
7319    proof (rule not_act_and_pos_delta)
7320      AOT_show ¬𝒜([O!]a  q0)
7321        using "Act-Basic:9" "∨E"(2) "≡E"(4) not_act_ord_a
7322              not_act_q_zero "raa-cor:3" by blast
7323    next AOT_show ([O!]a  q0)
7324        using "KBasic2:2" "&E"(1) "∨I"(2) "≡E"(2) q0_prop by blast
7325    qed
7326  qed(auto simp: "beta-C-meta"[THEN "→E", OF 1])
7327  ultimately AOT_obtain F13 where 𝒜[F13]b & Δ[F13]b & ¬𝒜[F13]a & Δ[F13]a
7328    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
7329  AOT_hence 𝒜[F13]b and Δ[F13]b and ¬𝒜[F13]a and Δ[F13]a
7330    using "&E" by blast+
7331  note props = props this
7332
7333  let  = "«y [O!]y  ¬q0]»"
7334  AOT_modally_strict {
7335     AOT_have [«»] by "cqt:2[lambda]"
7336  } note 1 = this
7337  moreover AOT_have 𝒜[«»]b & Δ[«»]b & 𝒜[«»]a & ¬Δ[«»]a
7338  proof (safe intro!: "&I"; AOT_subst y O!y  ¬q0]x O!x  ¬q0 for: x)
7339    AOT_show 𝒜([O!]b  ¬q0)
7340      by (meson "Act-Basic:9" act_not_q_zero "∨I"(2) "≡E"(2))
7341  next AOT_show Δ([O!]b  ¬q0)
7342      by (meson "KBasic:15" b_ord "∨I"(1) nec_delta "oa-facts:1" "→E")
7343  next AOT_show 𝒜([O!]a  ¬q0)
7344      by (meson "Act-Basic:9" act_not_q_zero "∨I"(2) "≡E"(2))
7345  next AOT_show ¬Δ([O!]a  ¬q0)
7346    proof(rule act_and_pos_not_not_delta)
7347      AOT_show 𝒜([O!]a  ¬q0)
7348        by (meson "Act-Basic:9" act_not_q_zero "∨I"(2) "≡E"(2))
7349    next
7350      AOT_have ¬[O!]a
7351        using "KBasic2:1" "≡E"(2) not_act_and_pos_delta
7352              not_act_ord_a not_delta_ord_a "raa-cor:6" by blast
7353      moreover AOT_have q0
7354        by (meson "&E"(1) q0_prop)
7355      ultimately AOT_have 2: (¬[O!]a & q0)
7356         by (metis "KBasic:16" "&I" "vdash-properties:10")
7357      AOT_show ¬([O!]a  ¬q0)
7358      proof (AOT_subst (reverse) ¬([O!]a  ¬q0) ¬[O!]a & q0)
7359        AOT_modally_strict {
7360          AOT_show ¬[O!]a & q0  ¬([O!]a  ¬q0)
7361            by (metis "&I" "&E"(1) "&E"(2) "∨I"(1) "∨I"(2)
7362                      "∨E"(3) "deduction-theorem" "≡I" "raa-cor:3")
7363        }
7364      next
7365        AOT_show (¬[O!]a & q0)
7366          using "2" by blast
7367      qed
7368    qed
7369  qed(auto simp: "beta-C-meta"[THEN "→E", OF 1])
7370  ultimately AOT_obtain F14 where 𝒜[F14]b & Δ[F14]b & 𝒜[F14]a & ¬Δ[F14]a
7371    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
7372  AOT_hence 𝒜[F14]b and Δ[F14]b and 𝒜[F14]a and ¬Δ[F14]a
7373    using "&E" by blast+
7374  note props = props this
7375
7376  AOT_have [L]
7377    by (rule "=dfI"(2)[OF L_def]) "cqt:2[lambda]"+
7378  moreover AOT_have 𝒜[L]b & Δ[L]b & 𝒜[L]a & Δ[L]a
7379  proof (safe intro!: "&I")
7380    AOT_show 𝒜[L]b
7381      by (meson nec_L "nec-imp-act" "vdash-properties:10")
7382    next AOT_show Δ[L]b using nec_L nec_delta by blast
7383    next AOT_show 𝒜[L]a by (meson nec_L "nec-imp-act" "→E")
7384    next AOT_show Δ[L]a using nec_L nec_delta by blast
7385  qed
7386  ultimately AOT_obtain F15 where 𝒜[F15]b & Δ[F15]b & 𝒜[F15]a & Δ[F15]a
7387    using "∃I"(1)[rotated, THEN "∃E"[rotated]] by fastforce
7388  AOT_hence 𝒜[F15]b and Δ[F15]b and 𝒜[F15]a and Δ[F15]a
7389    using "&E" by blast+
7390  note props = props this
7391
7392  show ?thesis
7393    by (rule "∃I"(2)[where β=F0]; rule "∃I"(2)[where β=F1];
7394        rule "∃I"(2)[where β=F2]; rule "∃I"(2)[where β=F3];
7395        rule "∃I"(2)[where β=F4]; rule "∃I"(2)[where β=F5];
7396        rule "∃I"(2)[where β=F6]; rule "∃I"(2)[where β=F7];
7397        rule "∃I"(2)[where β=F8]; rule "∃I"(2)[where β=F9];
7398        rule "∃I"(2)[where β=F10]; rule "∃I"(2)[where β=F11];
7399        rule "∃I"(2)[where β=F12]; rule "∃I"(2)[where β=F13];
7400        rule "∃I"(2)[where β=F14]; rule "∃I"(2)[where β=F15];
7401        safe intro!: "&I")
7402       (match conclusion in "[?v  [F]  [G]]" for F G  7403        match props in A: "[?v  ¬φ{F}]" for φ 7404        match (φ) in "λa . ?p" fail¦ "λa . a" fail¦ _ 7405        match props in B: "[?v  φ{G}]" 7406        fact "pos-not-equiv-ne:4"[where F=F and G=G and φ=φ, THEN "→E",
7407                                OF "oth-class-taut:4:h"[THEN "≡E"(2)],
7408                                OF "Disjunction Addition"(2)[THEN "→E"],
7409                                OF "&I", OF A, OF B]››››)+
7410qed
7411
7412subsection‹The Theory of Objects›
7413text‹\label{PLM: 9.11}›
7414
7415AOT_theorem "o-objects-exist:1": x O!x
7416proof(rule RN)
7417  AOT_modally_strict {
7418    AOT_obtain a where (E!a & ¬𝒜[E!]a)
7419      using "∃E"[rotated, OF "qml:4"[axiom_inst, THEN "BF◇"[THEN "→E"]]]
7420      by blast
7421    AOT_hence 1: E!a by (metis "KBasic2:3" "&E"(1) "→E")
7422    AOT_have x [E!]x]a
7423    proof (rule "β←C"(1); "cqt:2[lambda]"?)
7424      AOT_show a using "cqt:2[const_var]"[axiom_inst] by blast
7425    next
7426      AOT_show E!a by (fact 1)
7427    qed
7428    AOT_hence O!a by (rule "=dfI"(2)[OF AOT_ordinary, rotated]) "cqt:2"
7429    AOT_thus x [O!]x by (rule "∃I")
7430  }
7431qed
7432
7433AOT_theorem "o-objects-exist:2": x A!x
7434proof (rule RN)
7435  AOT_modally_strict {
7436    AOT_obtain a where [A!]a
7437      using "A-objects"[axiom_inst] "∃E"[rotated] "&E" by blast
7438    AOT_thus x A!x using "∃I" by blast
7439  }
7440qed
7441
7442AOT_theorem "o-objects-exist:3": ¬x O!x
7443  by (rule RN)
7444     (metis (no_types, hide_lams) "∃E" "cqt-orig:1[const_var]"
7445        "≡E"(4) "modus-tollens:1" "o-objects-exist:2" "oa-contingent:2"
7446        "qml:2"[axiom_inst] "reductio-aa:2")
7447
7448AOT_theorem "o-objects-exist:4": ¬x A!x
7449  by (rule RN)
7450     (metis (mono_tags, hide_lams) "∃E" "cqt-orig:1[const_var]"
7451        "≡E"(1) "modus-tollens:1" "o-objects-exist:1" "oa-contingent:2"
7452        "qml:2"[axiom_inst] "→E")
7453
7454AOT_theorem "o-objects-exist:5": ¬x E!x
7455proof (rule RN; rule "raa-cor:2")
7456  AOT_modally_strict {
7457    AOT_assume x E!x
7458    moreover AOT_obtain a where abs: A!a
7459      using "o-objects-exist:2"[THEN "qml:2"[axiom_inst, THEN "→E"]]
7460            "∃E"[rotated] by blast
7461    ultimately AOT_have E!a using "∀E" by blast
7462    AOT_hence 1: E!a by (metis "T◇" "→E")
7463    AOT_have y E!y]a
7464    proof (rule "β←C"(1); "cqt:2[lambda]"?)
7465      AOT_show a using "cqt:2[const_var]"[axiom_inst].
7466    next
7467      AOT_show E!a by (fact 1)
7468    qed
7469    AOT_hence O!a
7470      by (rule "=dfI"(2)[OF AOT_ordinary, rotated]) "cqt:2[lambda]"
7471    AOT_hence ¬A!a by (metis "≡E"(1) "oa-contingent:2") 
7472    AOT_thus p & ¬p for p using abs by (metis "raa-cor:3")
7473  }
7474qed
7475
7476AOT_theorem partition: ¬x (O!x & A!x)
7477proof(rule "raa-cor:2")
7478  AOT_assume x (O!x & A!x)
7479  then AOT_obtain a where O!a & A!a
7480    using "∃E"[rotated] by blast
7481  AOT_thus p & ¬p for p
7482    by (metis "&E"(1) "Conjunction Simplification"(2) "≡E"(1)
7483              "modus-tollens:1" "oa-contingent:2" "raa-cor:3")
7484qed
7485
7486AOT_define eq_E :: ‹Π› ("'(=E')")
7487  "=E": (=E) =df xy O!x & O!y & F ([F]x  [F]y)]
7488
7489syntax "_AOT_eq_E_infix" :: ‹τ  τ  φ› (infixl "=E" 50)
7490translations
7491  "_AOT_eq_E_infix κ κ'" == "CONST AOT_exe (CONST eq_E) (CONST Pair κ κ')"
7492print_translation7493AOT_syntax_print_translations
7494[(const_syntax‹AOT_exe›, fn ctxt => fn [
7495  Const ("constAOT_PLM.eq_E", _),
7496  Const (const_syntax‹Pair›, _) $ lhs $ rhs
7497] => Const (syntax_const‹_AOT_eq_E_infix›, dummyT) $ lhs $ rhs)]
7498
7499text‹Note: Not explicitly mentioned as theorem in PLM.›
7500AOT_theorem "=E[denotes]": [(=E)]
7501  by (rule "=dfI"(2)[OF "=E"]) "cqt:2[lambda]"+
7502
7503AOT_theorem "=E-simple:1": x =E y  (O!x & O!y & F ([F]x  [F]y))
7504proof -
7505  AOT_have 1: xy [O!]x & [O!]y & F ([F]x  [F]y)] by "cqt:2"
7506  show ?thesis
7507    apply (rule "=dfI"(2)[OF "=E"]; "cqt:2[lambda]"?)
7508    using "beta-C-meta"[THEN "→E", OF 1, unvarify ν1νn, of "(_,_)",
7509                        OF tuple_denotes[THEN "≡dfI"], OF "&I",
7510                        OF "cqt:2[const_var]"[axiom_inst],
7511                        OF "cqt:2[const_var]"[axiom_inst]]
7512    by fast
7513qed
7514
7515AOT_theorem "=E-simple:2": x =E y  x = y
7516proof (rule "→I")
7517  AOT_assume x =E y
7518  AOT_hence O!x & O!y & F ([F]x  [F]y)
7519    using "=E-simple:1"[THEN "≡E"(1)] by blast
7520  AOT_thus x = y
7521    using "≡dfI"[OF "identity:1"] "∨I" by blast
7522qed
7523
7524AOT_theorem "id-nec3:1": x =E y  (x =E y)
7525proof (rule "≡I"; rule "→I")
7526  AOT_assume x =E y
7527  AOT_hence O!x & O!y & F ([F]x  [F]y)
7528    using "=E-simple:1" "≡E" by blast
7529  AOT_hence O!x & O!y & F ([F]x  [F]y)
7530    by (metis "S5Basic:6" "&I" "&E"(1) "&E"(2) "≡E"(4)
7531              "oa-facts:1" "raa-cor:3" "vdash-properties:10")
7532  AOT_hence (O!x & O!y & F ([F]x  [F]y))
7533    by (metis "&E"(1) "&E"(2) "≡E"(2) "KBasic:3" "&I")
7534  AOT_thus (x =E y)
7535    using "=E-simple:1"
7536    by (AOT_subst x =E y O!x & O!y & F ([F]x  [F]y)) auto
7537next
7538  AOT_assume (x =E y)
7539  AOT_thus x =E y using "qml:2"[axiom_inst, THEN "→E"] by blast
7540qed
7541
7542AOT_theorem "id-nec3:2": (x =E y)  x =E y
7543  by (meson "RE◇" "S5Basic:2" "id-nec3:1" "≡E"(1,5) "Commutativity of ≡")
7544
7545AOT_theorem "id-nec3:3": (x =E y)  (x =E y)
7546  by (meson "id-nec3:1" "id-nec3:2" "≡E"(5))
7547
7548syntax "_AOT_non_eq_E" :: ‹Π› ("'(≠E')")
7549translations
7550  (Π) "(≠E)" == (Π) "(=E)-"
7551syntax "_AOT_non_eq_E_infix" :: ‹τ  τ  φ› (infixl "E" 50)
7552translations
7553 "_AOT_non_eq_E_infix κ κ'" ==
7554 "CONST AOT_exe (CONST relation_negation (CONST eq_E)) (CONST Pair κ κ')"
7555print_translation7556AOT_syntax_print_translations
7557[(const_syntax‹AOT_exe›, fn ctxt => fn [
7558  Const (const_syntax‹relation_negation›, _) $ Const ("constAOT_PLM.eq_E", _),
7559  Const (const_syntax‹Pair›, _) $ lhs $ rhs
7560] => Const (syntax_const‹_AOT_non_eq_E_infix›, dummyT) $ lhs $ rhs)]
7561AOT_theorem "thm-neg=E": x E y  ¬(x =E y)
7562proof -
7563  AOT_have θ: x1...x2 ¬(=E)x1...x2] by "cqt:2"
7564  AOT_have x E y  x1...x2 ¬(=E)x1...x2]xy
7565    by (rule "=dfI"(1)[OF "df-relation-negation", OF θ])
7566       (meson "oth-class-taut:3:a")
7567  also AOT_have   ¬(=E)xy
7568    by (safe intro!: "beta-C-meta"[THEN "→E", unvarify ν1νn] "cqt:2"
7569                     tuple_denotes[THEN "≡dfI"] "&I")
7570  finally show ?thesis.
7571qed
7572
7573AOT_theorem "id-nec4:1": x E y  (x E y)
7574proof -
7575  AOT_have x E y  ¬(x =E y) using "thm-neg=E".
7576  also AOT_have   ¬(x =E y)
7577    by (meson "id-nec3:2" "≡E"(1) "Commutativity of ≡" "oth-class-taut:4:b")
7578  also AOT_have   ¬(x =E y)
7579    by (meson "KBasic2:1" "≡E"(2) "Commutativity of ≡")
7580  also AOT_have   (x E y)
7581    by (AOT_subst (reverse) ¬(x =E y) x E y)
7582       (auto simp: "thm-neg=E" "oth-class-taut:3:a")
7583  finally show ?thesis.
7584qed
7585
7586AOT_theorem "id-nec4:2": (x E y)  (x E y)
7587  by (meson "RE◇" "S5Basic:2" "id-nec4:1" "≡E"(2,5) "Commutativity of ≡")
7588
7589AOT_theorem "id-nec4:3": (x E y)  (x E y)
7590  by (meson "id-nec4:1" "id-nec4:2" "≡E"(5))
7591
7592AOT_theorem "id-act2:1": x =E y  𝒜x =E y
7593  by (meson "Act-Basic:5" "Act-Sub:2" "RA[2]" "id-nec3:2" "≡E"(1,6))
7594AOT_theorem "id-act2:2": x E y  𝒜x E y
7595  by (meson "Act-Basic:5" "Act-Sub:2" "RA[2]" "id-nec4:2" "≡E"(1,6))
7596
7597AOT_theorem "ord=Eequiv:1": O!x  x =E x
7598proof (rule "→I")
7599  AOT_assume 1: O!x
7600  AOT_show x =E x
7601    apply (rule "=dfI"(2)[OF "=E"]) apply "cqt:2[lambda]"
7602    apply (rule "β←C"(1))
7603      apply "cqt:2[lambda]"
7604     apply (simp add: "&I" "cqt:2[const_var]"[axiom_inst] prod_denotesI)
7605    by (simp add: "1" RN "&I" "oth-class-taut:3:a" "universal-cor")
7606qed
7607
7608AOT_theorem "ord=Eequiv:2": x =E y  y =E x
7609proof(rule CP)
7610  AOT_assume 1: x =E y
7611  AOT_hence 2: x = y by (metis "=E-simple:2" "vdash-properties:10") 
7612  AOT_have O!x using 1 by (meson "&E"(1) "=E-simple:1" "≡E"(1))
7613  AOT_hence x =E x using "ord=Eequiv:1" "→E" by blast
7614  AOT_thus y =E x using "rule=E"[rotated, OF 2] by fast
7615qed
7616
7617AOT_theorem "ord=Eequiv:3": (x =E y & y =E z)  x =E z
7618proof (rule CP)
7619  AOT_assume 1: x =E y & y =E z
7620  AOT_hence x = y & y = z
7621    by (metis "&I" "&E"(1) "&E"(2) "=E-simple:2" "vdash-properties:6")
7622  AOT_hence x = z by (metis "id-eq:3" "vdash-properties:6")
7623  moreover AOT_have x =E x
7624    using 1[THEN "&E"(1)] "&E"(1) "=E-simple:1" "≡E"(1)
7625          "ord=Eequiv:1" "→E" by blast
7626  ultimately AOT_show x =E z
7627    using "rule=E" by fast
7628qed
7629
7630AOT_theorem "ord-=E=:1": (O!x  O!y)  (x = y  x =E y)
7631proof(rule CP)
7632  AOT_assume O!x  O!y
7633  moreover {
7634    AOT_assume O!x
7635    AOT_hence O!x by (metis "oa-facts:1" "vdash-properties:10")
7636    moreover {
7637      AOT_modally_strict {
7638        AOT_have O!x  (x = y  x =E y)
7639        proof (rule "→I"; rule "≡I"; rule "→I")
7640          AOT_assume O!x
7641          AOT_hence x =E x by (metis "ord=Eequiv:1" "→E")
7642          moreover AOT_assume x = y
7643          ultimately AOT_show x =E y using "rule=E" by fast
7644        next
7645          AOT_assume x =E y
7646          AOT_thus x = y by (metis "=E-simple:2" "→E")
7647        qed
7648      }
7649      AOT_hence O!x  (x = y  x =E y) by (metis "RM:1")
7650    }
7651    ultimately AOT_have (x = y  x =E y) using "→E" by blast
7652  }
7653  moreover {
7654    AOT_assume O!y
7655    AOT_hence O!y by (metis "oa-facts:1" "vdash-properties:10")
7656    moreover {
7657      AOT_modally_strict {
7658        AOT_have O!y  (x = y  x =E y)
7659        proof (rule "→I"; rule "≡I"; rule "→I")
7660          AOT_assume O!y
7661          AOT_hence y =E y by (metis "ord=Eequiv:1" "→E")
7662          moreover AOT_assume x = y
7663          ultimately AOT_show x =E y using "rule=E" id_sym by fast
7664        next
7665          AOT_assume x =E y
7666          AOT_thus x = y by (metis "=E-simple:2" "→E")
7667        qed
7668      }
7669      AOT_hence O!y  (x = y  x =E y) by (metis "RM:1")
7670    }
7671    ultimately AOT_have (x = y  x =E y) using "→E" by blast
7672  }
7673  ultimately AOT_show (x = y  x =E y) by (metis "∨E"(3) "raa-cor:1")
7674qed
7675
7676AOT_theorem "ord-=E=:2": O!y  x x = y]
7677proof (rule "→I"; rule "safe-ext"[axiom_inst, THEN "→E"]; rule "&I")
7678  AOT_show x x =E y] by "cqt:2[lambda]"
7679next
7680  AOT_assume O!y
7681  AOT_hence 1: (x = y  x =E y) for x
7682    using "ord-=E=:1" "→E" "∨I" by blast
7683  AOT_have (x =E y  x = y) for x
7684    by (AOT_subst x =E y  x = y x = y  x =E y)
7685       (auto simp add: "Commutativity of ≡" 1)
7686  AOT_hence x (x =E y  x = y) by (rule GEN)
7687  AOT_thus x (x =E y  x = y) by (rule BF[THEN "→E"])
7688qed
7689
7690
7691AOT_theorem "ord-=E=:3": xy O!x & O!y & x = y]
7692proof (rule "safe-ext[2]"[axiom_inst, THEN "→E"]; rule "&I")
7693  AOT_show xy O!x & O!y & x =E y] by "cqt:2[lambda]"
7694next
7695  AOT_show xy ([O!]x & [O!]y & x =E y  [O!]x & [O!]y & x = y)
7696  proof (rule RN; rule GEN; rule GEN; rule "≡I"; rule "→I")
7697    AOT_modally_strict {
7698      AOT_show [O!]x & [O!]y & x = y if [O!]x & [O!]y & x =E y for x y
7699        by (metis "&I" "&E"(1) "Conjunction Simplification"(2) "=E-simple:2"
7700                  "modus-tollens:1" "raa-cor:1" that)
7701    }
7702  next
7703    AOT_modally_strict {
7704      AOT_show [O!]x & [O!]y & x =E y if [O!]x & [O!]y & x = y for x y
7705        apply(safe intro!: "&I")
7706          apply (metis that[THEN "&E"(1), THEN "&E"(1)])
7707         apply (metis that[THEN "&E"(1), THEN "&E"(2)])
7708        using "rule=E"[rotated, OF that[THEN "&E"(2)]]
7709              "ord=Eequiv:1"[THEN "→E", OF that[THEN "&E"(1), THEN "&E"(1)]]
7710        by fast
7711    }
7712  qed
7713qed
7714
7715AOT_theorem "ind-nec": F ([F]x  [F]y)  F ([F]x  [F]y)
7716proof(rule "→I")
7717  AOT_assume F ([F]x  [F]y)
7718  moreover AOT_have x F ([F]x  [F]y)] by "cqt:2[lambda]"
7719  ultimately AOT_have x F ([F]x  [F]y)]x  x F ([F]x  [F]y)]y
7720    using "∀E" by blast
7721  moreover AOT_have x F ([F]x  [F]y)]y
7722    apply (rule "β←C"(1))
7723      apply "cqt:2[lambda]"
7724     apply (fact "cqt:2[const_var]"[axiom_inst])
7725    by (simp add: RN GEN "oth-class-taut:3:a")
7726  ultimately AOT_have x F ([F]x  [F]y)]x using "≡E" by blast
7727  AOT_thus F ([F]x  [F]y)
7728    using "β→C"(1) by blast
7729qed
7730
7731AOT_theorem "ord=E:1": (O!x & O!y)  (F ([F]x  [F]y)  x =E y)
7732proof (rule "→I"; rule "→I")
7733  AOT_assume F ([F]x  [F]y)
7734  AOT_hence F ([F]x  [F]y)
7735    using "ind-nec"[THEN "→E"] by blast
7736  moreover AOT_assume O!x & O!y
7737  ultimately AOT_have O!x & O!y & F ([F]x  [F]y)
7738    using "&I" by blast
7739  AOT_thus x =E y using "=E-simple:1"[THEN "≡E"(2)] by blast
7740qed
7741
7742AOT_theorem "ord=E:2": (O!x & O!y)  (F ([F]x  [F]y)  x = y)
7743proof (rule "→I"; rule "→I")
7744  AOT_assume O!x & O!y
7745  moreover AOT_assume F ([F]x  [F]y)
7746  ultimately AOT_have x =E y
7747    using "ord=E:1" "→E" by blast
7748  AOT_thus x = y using "=E-simple:2"[THEN "→E"] by blast
7749qed
7750
7751AOT_theorem "ord=E2:1":
7752  (O!x & O!y)  (x  y  z z =E x]  z z =E y])
7753proof (rule "→I"; rule "≡I"; rule "→I";
7754       rule "≡dfI"[OF "=-infix"]; rule "raa-cor:2")
7755  AOT_assume 0: O!x & O!y
7756  AOT_assume x  y
7757  AOT_hence 1: ¬(x = y) using "≡dfE"[OF "=-infix"] by blast
7758  AOT_assume z z =E x] = z z =E y]
7759  moreover AOT_have z z =E x]x
7760    apply (rule "β←C"(1))
7761      apply "cqt:2[lambda]"
7762     apply (fact "cqt:2[const_var]"[axiom_inst])
7763    using "ord=Eequiv:1"[THEN "→E", OF 0[THEN "&E"(1)]].
7764  ultimately AOT_have z z =E y]x using "rule=E" by fast
7765  AOT_hence x =E y using "β→C"(1) by blast
7766  AOT_hence x = y by (metis "=E-simple:2" "vdash-properties:6")
7767  AOT_thus x = y & ¬(x = y) using 1 "&I" by blast
7768next
7769  AOT_assume z z =E x]  z z =E y]
7770  AOT_hence 0: ¬(z z =E x] = z z =E y])
7771    using "≡dfE"[OF "=-infix"] by blast
7772  AOT_have z z =E x] by "cqt:2[lambda]"
7773  AOT_hence z z =E x] = z z =E x]
7774    by (metis "rule=I:1")
7775  moreover AOT_assume x = y
7776  ultimately AOT_have z z =E x] = z z =E y]
7777    using "rule=E" by fast
7778  AOT_thus z z =E x] = z z =E y] & ¬(z z =E x] = z z =E y])
7779    using 0 "&I" by blast
7780qed
7781
7782AOT_theorem "ord=E2:2":
7783  (O!x & O!y)  (x  y  z z = x]  z z = y])
7784proof (rule "→I"; rule "≡I"; rule "→I";
7785       rule "≡dfI"[OF "=-infix"]; rule "raa-cor:2")
7786  AOT_assume 0: O!x & O!y
7787  AOT_assume x  y
7788  AOT_hence 1: ¬(x = y) using "≡dfE"[OF "=-infix"] by blast
7789  AOT_assume z z = x] = z z = y]
7790  moreover AOT_have z z = x]x
7791    apply (rule "β←C"(1))
7792    apply (fact "ord-=E=:2"[THEN "→E", OF 0[THEN "&E"(1)]])
7793     apply (fact "cqt:2[const_var]"[axiom_inst])
7794    by (simp add: "id-eq:1")
7795  ultimately AOT_have z z = y]x using "rule=E" by fast
7796  AOT_hence x = y using "β→C"(1) by blast
7797  AOT_thus x = y & ¬(x = y) using 1 "&I" by blast
7798next
7799  AOT_assume 0: O!x & O!y
7800  AOT_assume z z = x]  z z = y]
7801  AOT_hence 1: ¬(z z = x] = z z = y])
7802    using "≡dfE"[OF "=-infix"] by blast
7803  AOT_have z z = x]
7804    by (fact "ord-=E=:2"[THEN "→E", OF 0[THEN "&E"(1)]])
7805  AOT_hence z z = x] = z z = x]
7806    by (metis "rule=I:1")
7807  moreover AOT_assume x = y
7808  ultimately AOT_have z z = x] = z z = y]
7809    using "rule=E" by fast
7810  AOT_thus z z = x] = z z = y] & ¬(z z = x] = z z = y])
7811    using 1 "&I" by blast
7812qed
7813
7814AOT_theorem ordnecfail: O!x  ¬F x[F]
7815  by (meson "RM:1" "→I" nocoder[axiom_inst] "oa-facts:1" "→E")
7816
7817AOT_theorem "ab-obey:1": (A!x & A!y)  (F (x[F]  y[F])  x = y)
7818proof (rule "→I"; rule "→I")
7819  AOT_assume 1: A!x & A!y
7820  AOT_assume F (x[F]  y[F])
7821  AOT_hence x[F]  y[F] for F using "∀E" by blast
7822  AOT_hence (x[F]  y[F]) for F by (metis "en-eq:6[1]" "≡E"(1))
7823  AOT_hence F (x[F]  y[F]) by (rule GEN)
7824  AOT_hence F (x[F]  y[F]) by (rule BF[THEN "→E"])
7825  AOT_thus x = y
7826    using "≡dfI"[OF "identity:1", OF "∨I"(2)] 1 "&I" by blast
7827qed
7828
7829AOT_theorem "ab-obey:2":
7830  (F (x[F] & ¬y[F])  F (y[F] & ¬x[F]))  x  y
7831proof (rule "→I"; rule "≡dfI"[OF "=-infix"]; rule "raa-cor:2")
7832  AOT_assume 1: x = y
7833  AOT_assume F (x[F] & ¬y[F])  F (y[F] & ¬x[F])
7834  moreover {
7835    AOT_assume F (x[F] & ¬y[F])
7836    then AOT_obtain F where x[F] & ¬y[F]
7837      using "∃E"[rotated] by blast
7838    moreover AOT_have y[F]
7839      using calculation[THEN "&E"(1)] 1 "rule=E" by fast
7840    ultimately AOT_have p & ¬p for p
7841      by (metis "Conjunction Simplification"(2) "modus-tollens:2" "raa-cor:3")
7842  }
7843  moreover {
7844    AOT_assume F (y[F] & ¬x[F])
7845    then AOT_obtain F where y[F] & ¬x[F]
7846      using "∃E"[rotated] by blast
7847    moreover AOT_have ¬y[F]
7848      using calculation[THEN "&E"(2)] 1 "rule=E" by fast
7849    ultimately AOT_have p & ¬p for p
7850      by (metis "Conjunction Simplification"(1) "modus-tollens:1" "raa-cor:3")
7851  }
7852  ultimately AOT_show p & ¬p for p
7853    by (metis "∨E"(3) "raa-cor:1")
7854qed
7855
7856AOT_theorem "encoders-are-abstract": F x[F]  A!x
7857  by (meson "deduction-theorem" "≡E"(2) "modus-tollens:2" nocoder
7858            "oa-contingent:3" "vdash-properties:1[2]")
7859
7860AOT_theorem "denote=:1": Hx x[H]
7861  by (rule GEN; rule "existence:2[1]"[THEN "≡dfE"]; "cqt:2")
7862
7863AOT_theorem "denote=:2": Gx1...∃xn x1...xn[H]
7864  by (rule GEN; rule "existence:2"[THEN "≡dfE"]; "cqt:2")
7865
7866AOT_theorem "denote=:2[2]": Gx1x2 x1x2[H]
7867  by (rule GEN; rule "existence:2[2]"[THEN "≡dfE"]; "cqt:2")
7868
7869AOT_theorem "denote=:2[3]": Gx1x2x3 x1x2x3[H]
7870  by (rule GEN; rule "existence:2[3]"[THEN "≡dfE"]; "cqt:2")
7871
7872AOT_theorem "denote=:2[4]": Gx1x2x3x4 x1x2x3x4[H]
7873  by (rule GEN; rule "existence:2[4]"[THEN "≡dfE"]; "cqt:2")
7874
7875AOT_theorem "denote=:3": x x[Π]  H (H = Π)
7876  using "existence:2[1]" "free-thms:1" "≡E"(2,5)
7877        "Commutativity of ≡" "≡Df" by blast
7878
7879AOT_theorem "denote=:4": (x1...∃xn x1...xn[Π])  H (H = Π)
7880  using "existence:2" "free-thms:1" "≡E"(6) "≡Df" by blast
7881
7882AOT_theorem "denote=:4[2]": (x1x2 x1x2[Π])  H (H = Π)
7883  using "existence:2[2]" "free-thms:1" "≡E"(6) "≡Df" by blast
7884
7885AOT_theorem "denote=:4[3]": (x1x2x3 x1x2x3[Π])  H (H = Π)
7886  using "existence:2[3]" "free-thms:1" "≡E"(6) "≡Df" by blast
7887
7888AOT_theorem "denote=:4[4]": (x1x2x3x4 x1x2x3x4[Π])  H (H = Π)
7889  using "existence:2[4]" "free-thms:1" "≡E"(6) "≡Df" by blast
7890
7891AOT_theorem "A-objects!": ∃!x (A!x & F (x[F]  φ{F}))
7892proof (rule "uniqueness:1"[THEN "≡dfI"])
7893  AOT_obtain a where a_prop: A!a & F (a[F]  φ{F})
7894    using "A-objects"[axiom_inst] "∃E"[rotated] by blast
7895  AOT_have (A!β & F (β[F]  φ{F}))  β = a for β
7896  proof (rule "→I")
7897    AOT_assume β_prop: [A!]β & F (β[F]  φ{F})
7898    AOT_hence β[F]  φ{F} for F
7899      using "∀E" "&E" by blast
7900    AOT_hence β[F]  a[F] for F
7901      using a_prop[THEN "&E"(2)] "∀E" "≡E"(2,5)
7902            "Commutativity of ≡" by fast
7903    AOT_hence F (β[F]  a[F]) by (rule GEN)
7904    AOT_thus β = a
7905      using "ab-obey:1"[THEN "→E",
7906                OF "&I"[OF β_prop[THEN "&E"(1)], OF a_prop[THEN "&E"(1)]],
7907                THEN "→E"] by blast
7908  qed
7909  AOT_hence β ((A!β & F (β[F]  φ{F}))  β = a) by (rule GEN)
7910  AOT_thus α ([A!]α & F (α[F]  φ{F}) &
7911                β ([A!]β & F (β[F]  φ{F})  β = α))
7912    using "∃I" using a_prop "&I" by fast
7913qed
7914
7915AOT_theorem "obj-oth:1": ∃!x (A!x & F (x[F]  [F]y))
7916  using "A-objects!" by fast
7917
7918AOT_theorem "obj-oth:2": ∃!x (A!x & F (x[F]  [F]y & [F]z))
7919  using "A-objects!" by fast
7920
7921AOT_theorem "obj-oth:3": ∃!x (A!x & F (x[F]  [F]y  [F]z))
7922  using "A-objects!" by fast
7923
7924AOT_theorem "obj-oth:4": ∃!x (A!x & F (x[F]  [F]y))
7925  using "A-objects!" by fast
7926
7927AOT_theorem "obj-oth:5": ∃!x (A!x & F (x[F]  F = G))
7928  using "A-objects!" by fast
7929
7930AOT_theorem "obj-oth:6": ∃!x (A!x & F (x[F]  y([G]y  [F]y)))
7931  using "A-objects!" by fast
7932
7933AOT_theorem "A-descriptions": ιx (A!x & F (x[F]  φ{F}))
7934  by (rule "A-Exists:2"[THEN "≡E"(2)]; rule "RA[2]"; rule "A-objects!")
7935
7936AOT_act_theorem "thm-can-terms2":
7937  y = ιx(A!x & F (x[F]  φ{F}))  (A!y & F (y[F]  φ{F}))
7938  using "y-in:2" by blast
7939
7940AOT_theorem "can-ab2": y = ιx(A!x & F (x[F]  φ{F}))   A!y
7941proof(rule "→I")
7942  AOT_assume y = ιx(A!x & F (x[F]  φ{F}))
7943  AOT_hence 𝒜(A!y & F (y[F]  φ{F}))
7944    using "actual-desc:2"[THEN "→E"] by blast
7945  AOT_hence 𝒜A!y by (metis "Act-Basic:2" "&E"(1) "≡E"(1))
7946  AOT_thus A!y by (metis "≡E"(2) "oa-facts:8")
7947qed
7948
7949AOT_act_theorem "desc-encode:1": ιx(A!x & F (x[F]  φ{F}))[F]  φ{F}
7950proof -
7951  AOT_have ιx(A!x & F (x[F]  φ{F}))
7952    by (simp add: "A-descriptions")
7953  AOT_hence A!ιx(A!x & F (x[F]  φ{F})) &
7954             F(ιx(A!x & F (x[F]  φ{F}))[F]  φ{F})
7955    using "y-in:3"[THEN "→E"] by blast
7956  AOT_thus ιx(A!x & F (x[F]  φ{F}))[F]  φ{F}
7957    using "&E" "∀E" by blast
7958qed
7959
7960AOT_act_theorem "desc-encode:2": ιx(A!x & F (x[F]  φ{F}))[G]  φ{G}
7961  using "desc-encode:1".
7962
7963AOT_theorem "desc-nec-encode:1":
7964  ιx (A!x & F (x[F]  φ{F}))[F]  𝒜φ{F}
7965proof -
7966  AOT_have 0: ιx(A!x & F (x[F]  φ{F}))
7967    by (simp add: "A-descriptions")
7968  AOT_hence 𝒜(A!ιx(A!x & F (x[F]  φ{F})) &
7969             F(ιx(A!x & F (x[F]  φ{F}))[F]  φ{F}))
7970    using "actual-desc:4"[THEN "→E"] by blast
7971  AOT_hence 𝒜F (ιx(A!x & F (x[F]  φ{F}))[F]  φ{F})
7972    using "Act-Basic:2" "&E"(2) "≡E"(1) by blast
7973  AOT_hence F 𝒜(ιx(A!x & F (x[F]  φ{F}))[F]  φ{F})
7974    using "≡E"(1) "logic-actual-nec:3" "vdash-properties:1[2]" by blast
7975  AOT_hence 𝒜(ιx(A!x & F (x[F]  φ{F}))[F]  φ{F})
7976    using "∀E" by blast
7977  AOT_hence 𝒜ιx(A!x & F (x[F]  φ{F}))[F]  𝒜φ{F}
7978    using "Act-Basic:5" "≡E"(1) by blast
7979  AOT_thus ιx(A!x & F (x[F]  φ{F}))[F]  𝒜φ{F}
7980    using "en-eq:10[1]"[unvarify x1, OF 0] "≡E"(6) by blast
7981qed
7982
7983AOT_theorem "desc-nec-encode:2":
7984  ιx (A!x & F (x[F]  φ{F}))[G]  𝒜φ{G}
7985  using "desc-nec-encode:1".
7986
7987AOT_theorem "Box-desc-encode:1": φ{G}  ιx(A!x & F (x[F]  φ{G}))[G]
7988  by (rule "→I"; rule "desc-nec-encode:2"[THEN "≡E"(2)])
7989     (meson "nec-imp-act" "vdash-properties:10")
7990
7991AOT_theorem "Box-desc-encode:2":
7992φ{G}  (ιx(A!x & F (x[F]  φ{G}))[G]  φ{G})
7993proof(rule CP)
7994  AOT_assume φ{G}
7995  AOT_hence φ{G} by (metis "S5Basic:6" "≡E"(1))
7996  moreover AOT_have φ{G}  (ιx(A!x & F (x[F]  φ{G}))[G]  φ{G})
7997  proof (rule RM; rule "→I")
7998    AOT_modally_strict {
7999      AOT_assume 1: φ{G}
8000      AOT_hence ιx(A!x & F (x[F]  φ{G}))[G]
8001        using "Box-desc-encode:1" "→E" by blast
8002      moreover AOT_have φ{G}
8003        using 1 by (meson "qml:2"[axiom_inst] "→E")
8004      ultimately AOT_show ιx(A!x & F (x[F]  φ{G}))[G]  φ{G}
8005        using "→I" "≡I" by simp
8006    }
8007  qed
8008  ultimately AOT_show (ιx(A!x & F (x[F]  φ{G}))[G]  φ{G})
8009    using "→E" by blast
8010qed
8011
8012definition rigid_condition where
8013  rigid_condition φ  v . [v  α (φ{α}  φ{α})]
8014syntax rigid_condition :: ‹id_position  AOT_prop› ("RIGID'_CONDITION'(_')")
8015
8016AOT_theorem "strict-can:1[E]":
8017  assumes RIGID_CONDITION(φ)
8018  shows α (φ{α}  φ{α})
8019  using assms[unfolded rigid_condition_def] by auto
8020
8021AOT_theorem "strict-can:1[I]":
8022  assumes  α (φ{α}  φ{α})
8023  shows RIGID_CONDITION(φ)
8024  using assms rigid_condition_def by auto
8025
8026AOT_theorem "box-phi-a:1":
8027  assumes RIGID_CONDITION(φ)
8028  shows (A!x  & F (x[F]  φ{F}))  (A!x & F (x[F]  φ{F}))
8029proof (rule "→I")
8030  AOT_assume a: A!x & F (x[F]  φ{F})
8031  AOT_hence b: A!x
8032    by (metis "Conjunction Simplification"(1) "oa-facts:2" "→E")
8033  AOT_have x[F]  φ{F} for F
8034    using a[THEN "&E"(2)] "∀E" by blast
8035  moreover AOT_have (x[F]  x[F]) for F
8036    by (meson "pre-en-eq:1[1]" RN)
8037  moreover AOT_have (φ{F}  φ{F}) for F
8038    using RN "strict-can:1[E]"[OF assms] "∀E" by blast
8039  ultimately AOT_have (x[F]  φ{F}) for F
8040    using "sc-eq-box-box:5" "qml:2"[axiom_inst, THEN "→E"] "→E" "&I" by metis
8041  AOT_hence F (x[F]  φ{F}) by (rule GEN)
8042  AOT_hence F (x[F]  φ{F}) by (rule BF[THEN "→E"])
8043  AOT_thus ([A!]x & F (x[F]  φ{F}))
8044    using b "KBasic:3" "≡S"(1) "≡E"(2) by blast
8045qed
8046
8047AOT_theorem "box-phi-a:2":
8048  assumes RIGID_CONDITION(φ)
8049  shows y = ιx(A!x & F (x[F]  φ{F}))  (A!y & F (y[F]  φ{F}))
8050proof(rule "→I")
8051  AOT_assume y = ιx(A!x & F (x[F]  φ{F}))
8052  AOT_hence 𝒜(A!y & F (y[F]  φ{F}))
8053    using "actual-desc:2"[THEN "→E"] by fast
8054  AOT_hence abs: 𝒜A!y and 𝒜F (y[F]  φ{F})
8055    using "Act-Basic:2" "&E" "≡E"(1) by blast+
8056  AOT_hence F 𝒜(y[F]  φ{F})
8057    by (metis "≡E"(1) "logic-actual-nec:3" "vdash-properties:1[2]")
8058  AOT_hence 𝒜(y[F]  φ{F}) for F
8059    using "∀E" by blast
8060  AOT_hence 𝒜y[F]  𝒜φ{F} for F
8061    by (metis "Act-Basic:5" "≡E"(1)) 
8062  AOT_hence y[F]  φ{F} for F
8063    using "sc-eq-fur:2"[THEN "→E",
8064            OF "strict-can:1[E]"[OF assms,
8065                THEN "∀E"(2)[where β=F], THEN RN]]
8066    by (metis "en-eq:10[1]" "≡E"(6))
8067  AOT_hence F (y[F]  φ{F}) by (rule GEN)
8068  AOT_thus [A!]y & F (y[F]  φ{F})
8069    using abs "&I" "≡E"(2) "oa-facts:8" by blast
8070qed
8071
8072AOT_theorem "box-phi-a:3":
8073  assumes RIGID_CONDITION(φ)
8074  shows ιx(A!x & F (x[F]  φ{F}))[F]  φ{F}
8075  using "desc-nec-encode:2"
8076    "sc-eq-fur:2"[THEN "→E",
8077        OF "strict-can:1[E]"[OF assms,
8078          THEN "∀E"(2)[where β=F], THEN RN]]
8079    "≡E"(5) by blast
8080
8081AOT_define Null :: ‹τ  φ› ("Null'(_')") 
8082  "df-null-uni:1": Null(x) df A!x & ¬F x[F]
8083
8084AOT_define Universal :: ‹τ  φ› ("Universal'(_')")
8085  "df-null-uni:2": Universal(x) df A!x & F x[F]
8086
8087AOT_theorem "null-uni-uniq:1": ∃!x Null(x)
8088proof (rule "uniqueness:1"[THEN "≡dfI"])
8089  AOT_obtain a where a_prop: A!a & F (a[F]  ¬(F = F))
8090    using "A-objects"[axiom_inst] "∃E"[rotated] by fast
8091  AOT_have a_null: ¬a[F] for F
8092  proof (rule "raa-cor:2")
8093    AOT_assume a[F]
8094    AOT_hence ¬(F = F) using a_prop[THEN "&E"(2)] "∀E" "≡E" by blast
8095    AOT_hence F = F & ¬(F = F) by (metis "id-eq:1" "raa-cor:3")
8096    AOT_thus p & ¬p for p  by (metis "raa-cor:1")
8097  qed
8098  AOT_have Null(a) & β (Null(β)  β = a)
8099  proof (rule "&I")
8100    AOT_have ¬F a[F]
8101      using a_null by (metis "instantiation" "reductio-aa:1")
8102    AOT_thus Null(a)
8103      using "df-null-uni:1"[THEN "≡dfI"] a_prop[THEN "&E"(1)] "&I" by metis
8104  next
8105    AOT_show β (Null(β)  β = a)
8106    proof (rule GEN; rule "→I")
8107      fix β
8108      AOT_assume a: Null(β)
8109      AOT_hence ¬F β[F]
8110        using "df-null-uni:1"[THEN "≡dfE"] "&E" by blast
8111      AOT_hence β_null: ¬β[F] for F
8112        by (metis "existential:2[const_var]" "reductio-aa:1")
8113      AOT_have F (β[F]  a[F])
8114        apply (rule GEN; rule "≡I"; rule CP)
8115        using "raa-cor:3" β_null a_null by blast+
8116      moreover AOT_have A!β
8117        using a "df-null-uni:1"[THEN "≡dfE"] "&E" by blast
8118      ultimately AOT_show β = a
8119        using a_prop[THEN "&E"(1)] "ab-obey:1"[THEN "→E", THEN "→E"]
8120              "&I" by blast
8121    qed
8122  qed
8123  AOT_thus α (Null(α) & β (Null(β)  β = α))
8124    using "∃I"(2) by fast
8125qed
8126
8127AOT_theorem "null-uni-uniq:2": ∃!x Universal(x)
8128proof (rule "uniqueness:1"[THEN "≡dfI"])
8129  AOT_obtain a where a_prop: A!a & F (a[F]  F = F)
8130    using "A-objects"[axiom_inst] "∃E"[rotated] by fast
8131  AOT_hence aF: a[F] for F using "&E" "∀E" "≡E" "id-eq:1" by fast
8132  AOT_hence Universal(a)
8133    using "df-null-uni:2"[THEN "≡dfI"] "&I" a_prop[THEN "&E"(1)] GEN by blast
8134  moreover AOT_have β (Universal(β)  β = a)
8135  proof (rule GEN; rule "→I")
8136    fix β
8137    AOT_assume Universal(β)
8138    AOT_hence abs_β: A!β and β[F] for F
8139      using "df-null-uni:2"[THEN "≡dfE"] "&E" "∀E" by blast+
8140    AOT_hence β[F]  a[F] for F
8141      using aF by (metis "deduction-theorem" "≡I")
8142    AOT_hence F (β[F]  a[F]) by (rule GEN)
8143    AOT_thus β = a
8144      using a_prop[THEN "&E"(1)] "ab-obey:1"[THEN "→E", THEN "→E"]
8145            "&I" abs_β by blast
8146  qed
8147  ultimately AOT_show α (Universal(α) & β (Universal(β)  β = α))
8148    using "&I" "∃I" by fast
8149qed
8150
8151AOT_theorem "null-uni-uniq:3": ιx Null(x)
8152  using "A-Exists:2" "RA[2]" "≡E"(2) "null-uni-uniq:1" by blast
8153
8154AOT_theorem "null-uni-uniq:4": ιx Universal(x)
8155  using "A-Exists:2" "RA[2]" "≡E"(2) "null-uni-uniq:2" by blast
8156
8157AOT_define Null_object :: ‹κs (a)
8158  "df-null-uni-terms:1": a =df ιx Null(x)
8159
8160AOT_define Universal_object :: ‹κs (aV)
8161  "df-null-uni-terms:2": aV =df ιx Universal(x)
8162
8163AOT_theorem "null-uni-facts:1": Null(x)  Null(x)
8164proof (rule "→I")
8165  AOT_assume Null(x)
8166  AOT_hence x_abs: A!x and x_null: ¬F x[F]
8167    using "df-null-uni:1"[THEN "≡dfE"] "&E" by blast+
8168  AOT_have ¬x[F] for F using x_null
8169    using "existential:2[const_var]" "reductio-aa:1"
8170    by metis
8171  AOT_hence ¬x[F] for F by (metis "en-eq:7[1]" "≡E"(1))
8172  AOT_hence F ¬x[F] by (rule GEN)
8173  AOT_hence F ¬x[F] by (rule BF[THEN "→E"])
8174  moreover AOT_have F ¬x[F]  ¬F x[F]
8175    apply (rule RM)
8176    by (metis (full_types) "instantiation" "cqt:2[const_var]"[axiom_inst]
8177                           "→I" "reductio-aa:1" "rule-ui:1")
8178  ultimately AOT_have ¬F x[F]
8179    by (metis "→E")
8180  moreover AOT_have A!x using x_abs
8181    using "oa-facts:2" "vdash-properties:10" by blast
8182  ultimately AOT_have r: (A!x & ¬F x[F])
8183    by (metis "KBasic:3" "&I" "≡E"(3) "raa-cor:3")
8184  AOT_show Null(x)
8185    by (AOT_subst Null(x) A!x & ¬F x[F])
8186       (auto simp: "df-null-uni:1" "≡Df" r)
8187qed  
8188
8189AOT_theorem "null-uni-facts:2": Universal(x)  Universal(x)
8190proof (rule "→I")
8191  AOT_assume Universal(x)
8192  AOT_hence x_abs: A!x and x_univ: F x[F]
8193    using "df-null-uni:2"[THEN "≡dfE"] "&E" by blast+
8194  AOT_have x[F] for F using x_univ "∀E" by blast
8195  AOT_hence x[F] for F by (metis "en-eq:2[1]" "≡E"(1))
8196  AOT_hence F x[F] by (rule GEN)
8197  AOT_hence F x[F] by (rule BF[THEN "→E"])
8198  moreover AOT_have A!x using x_abs
8199    using "oa-facts:2" "vdash-properties:10" by blast
8200  ultimately AOT_have r: (A!x & F x[F])
8201    by (metis "KBasic:3" "&I" "≡E"(3) "raa-cor:3")
8202  AOT_show Universal(x)
8203    by (AOT_subst Universal(x) A!x & F x[F])
8204       (auto simp add: "df-null-uni:2" "≡Df" r)
8205qed
8206
8207AOT_theorem "null-uni-facts:3": Null(a)
8208  apply (rule "=dfI"(2)[OF "df-null-uni-terms:1"])
8209   apply (simp add: "null-uni-uniq:3")
8210  using "actual-desc:4"[THEN "→E", OF "null-uni-uniq:3"]
8211    "sc-eq-fur:2"[THEN "→E",
8212        OF "null-uni-facts:1"[unvarify x, THEN RN, OF "null-uni-uniq:3"],
8213        THEN "≡E"(1)]
8214  by blast
8215
8216AOT_theorem "null-uni-facts:4": Universal(aV)
8217  apply (rule "=dfI"(2)[OF "df-null-uni-terms:2"])
8218   apply (simp add: "null-uni-uniq:4")
8219  using "actual-desc:4"[THEN "→E", OF "null-uni-uniq:4"]
8220    "sc-eq-fur:2"[THEN "→E",
8221        OF "null-uni-facts:2"[unvarify x, THEN RN, OF "null-uni-uniq:4"],
8222        THEN "≡E"(1)]
8223  by blast
8224
8225AOT_theorem "null-uni-facts:5": a  aV
8226proof (rule "=dfI"(2)[OF "df-null-uni-terms:1", OF "null-uni-uniq:3"];
8227    rule "=dfI"(2)[OF "df-null-uni-terms:2", OF "null-uni-uniq:4"];
8228    rule "≡dfI"[OF "=-infix"];
8229    rule "raa-cor:2")
8230  AOT_obtain x where nullx: Null(x)
8231    by (metis "instantiation" "df-null-uni-terms:1" "existential:1"
8232              "null-uni-facts:3" "null-uni-uniq:3" "rule-id-df:2:b[zero]")
8233  AOT_hence act_null: 𝒜Null(x)
8234    by (metis "nec-imp-act" "null-uni-facts:1" "→E")
8235  AOT_assume ιx Null(x) = ιx Universal(x)
8236  AOT_hence 𝒜x(Null(x)  Universal(x))
8237    using "actual-desc:5"[THEN "→E"] by blast
8238  AOT_hence x 𝒜(Null(x)  Universal(x))
8239    by (metis "≡E"(1) "logic-actual-nec:3" "vdash-properties:1[2]")
8240  AOT_hence 𝒜Null(x)  𝒜Universal(x)
8241    using "Act-Basic:5" "≡E"(1) "rule-ui:3" by blast
8242  AOT_hence 𝒜Universal(x) using act_null "≡E" by blast
8243  AOT_hence Universal(x)
8244    by (metis RN "≡E"(1) "null-uni-facts:2" "sc-eq-fur:2" "→E")
8245  AOT_hence F x[F] using "≡dfE"[OF "df-null-uni:2"] "&E" by metis
8246  moreover AOT_have ¬F x[F]
8247    using nullx "≡dfE"[OF "df-null-uni:1"] "&E" by metis
8248  ultimately AOT_show p & ¬p for p
8249    by (metis "cqt-further:1" "raa-cor:3" "→E")
8250qed
8251
8252AOT_theorem "null-uni-facts:6": a = ιx(A!x & F (x[F]  F  F))
8253proof (rule "ab-obey:1"[unvarify x y, THEN "→E", THEN "→E"])
8254  AOT_show ιx([A!]x & F (x[F]  F  F))
8255    by (simp add: "A-descriptions")
8256next
8257  AOT_show a
8258    by (rule "=dfI"(2)[OF "df-null-uni-terms:1", OF "null-uni-uniq:3"])
8259       (simp add: "null-uni-uniq:3")
8260next
8261  AOT_have ιx([A!]x & F (x[F]  F  F))
8262    by (simp add: "A-descriptions")
8263  AOT_hence 1: ιx([A!]x & F (x[F]  F  F)) = ιx([A!]x & F (x[F]  F  F))
8264    using "rule=I:1" by blast
8265  AOT_show [A!]a & [A!]ιx([A!]x & F (x[F]  F  F))
8266    apply (rule "=dfI"(2)[OF "df-null-uni-terms:1", OF "null-uni-uniq:3"];
8267           rule "&I")
8268     apply (meson "≡dfE" "Conjunction Simplification"(1)
8269                  "df-null-uni:1" "df-null-uni-terms:1" "null-uni-facts:3"
8270                  "null-uni-uniq:3" "rule-id-df:2:a[zero]" "→E")
8271    using "can-ab2"[unvarify y, OF "A-descriptions", THEN "→E", OF 1].
8272next
8273  AOT_show F (a[F]  ιx([A!]x & F (x[F]  F  F))[F])
8274  proof (rule GEN)
8275    fix F
8276    AOT_have ¬a[F]
8277      by (rule "=dfI"(2)[OF "df-null-uni-terms:1", OF "null-uni-uniq:3"])
8278         (metis (no_types, lifting) "≡dfE" "&E"(2) "∨I"(2) "∨E"(3) "∃I"(2)
8279                "df-null-uni:1" "df-null-uni-terms:1" "null-uni-facts:3"
8280                "raa-cor:2" "rule-id-df:2:a[zero]"
8281                "russell-axiom[enc,1].ψ_denotes_asm")
8282    moreover AOT_have ¬ιx([A!]x & F (x[F]  F  F))[F]
8283    proof(rule "raa-cor:2")
8284      AOT_assume 0: ιx([A!]x & F (x[F]  F  F))[F]
8285      AOT_hence 𝒜(F  F)
8286        using "desc-nec-encode:2"[THEN "≡E"(1), OF 0] by blast
8287      moreover AOT_have ¬𝒜(F  F)
8288        using "≡dfE" "id-act:2" "id-eq:1" "≡E"(2)
8289              "=-infix" "raa-cor:3" by blast
8290      ultimately AOT_show 𝒜(F  F) & ¬𝒜(F  F) by (rule "&I")
8291    qed
8292    ultimately AOT_show a[F]  ιx([A!]x & F (x[F]  F  F))[F]
8293      using "deduction-theorem" "≡I" "raa-cor:4" by blast
8294  qed
8295qed
8296
8297AOT_theorem "null-uni-facts:7": aV = ιx(A!x & F (x[F]  F = F))
8298proof (rule "ab-obey:1"[unvarify x y, THEN "→E", THEN "→E"])
8299  AOT_show ιx([A!]x & F (x[F]  F = F))
8300    by (simp add: "A-descriptions")
8301next
8302  AOT_show aV
8303    by (rule "=dfI"(2)[OF "df-null-uni-terms:2", OF "null-uni-uniq:4"])
8304       (simp add: "null-uni-uniq:4")
8305next
8306  AOT_have ιx([A!]x & F (x[F]  F = F))
8307    by (simp add: "A-descriptions")
8308  AOT_hence 1: ιx([A!]x & F (x[F]  F = F)) = ιx([A!]x & F (x[F]  F = F))
8309    using "rule=I:1" by blast
8310  AOT_show [A!]aV & [A!]ιx([A!]x & F (x[F]  F = F))
8311    apply (rule "=dfI"(2)[OF "df-null-uni-terms:2", OF "null-uni-uniq:4"];
8312           rule "&I")
8313     apply (meson "≡dfE" "Conjunction Simplification"(1) "df-null-uni:2"
8314                  "df-null-uni-terms:2" "null-uni-facts:4" "null-uni-uniq:4"
8315                  "rule-id-df:2:a[zero]" "→E")
8316    using "can-ab2"[unvarify y, OF "A-descriptions", THEN "→E", OF 1].
8317next
8318  AOT_show F (aV[F]  ιx([A!]x & F (x[F]  F = F))[F])
8319  proof (rule GEN)
8320    fix F
8321    AOT_have aV[F]
8322      apply (rule "=dfI"(2)[OF "df-null-uni-terms:2", OF "null-uni-uniq:4"])
8323      using "≡dfE" "&E"(2) "df-null-uni:2" "df-null-uni-terms:2"
8324            "null-uni-facts:4" "null-uni-uniq:4" "rule-id-df:2:a[zero]"
8325            "rule-ui:3" by blast
8326    moreover AOT_have ιx([A!]x & F (x[F]  F = F))[F]
8327      using "RA[2]" "desc-nec-encode:2" "id-eq:1" "≡E"(2) by fastforce
8328    ultimately AOT_show aV[F]  ιx([A!]x & F (x[F]  F = F))[F]
8329      using "deduction-theorem" "≡I" by simp
8330  qed
8331qed
8332
8333AOT_theorem "aclassical:1":
8334Rxy(A!x & A!y & x  y & z [R]zx] = z [R]zy])
8335proof(rule GEN)
8336  fix R
8337  AOT_obtain a where a_prop:
8338    A!a & F (a[F]  y(A!y & F = z [R]zy] & ¬y[F]))
8339    using "A-objects"[axiom_inst] "∃E"[rotated] by fast
8340  AOT_have a_enc: az [R]za]
8341  proof (rule "raa-cor:1")
8342    AOT_assume 0: ¬az [R]za]
8343    AOT_hence ¬y(A!y & z [R]za] = z [R]zy] & ¬yz [R]za])
8344      by (rule a_prop[THEN "&E"(2), THEN "∀E"(1)[where τ="«z [R]za]»"],
8345                THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
8346                THEN "≡E"(1), rotated])
8347         "cqt:2[lambda]"
8348    AOT_hence y ¬(A!y & z [R]za] = z [R]zy] & ¬yz [R]za])
8349      using "cqt-further:4" "vdash-properties:10" by blast
8350    AOT_hence ¬(A!a & z [R]za] = z [R]za] & ¬az [R]za])
8351      using "∀E" by blast
8352    AOT_hence (A!a & z [R]za] = z [R]za])  az [R]za]
8353      by (metis "&I" "deduction-theorem" "raa-cor:3")
8354    moreover AOT_have z [R]za] = z [R]za]
8355      by (rule "=I") "cqt:2[lambda]"
8356    ultimately AOT_have az [R]za]
8357      using a_prop[THEN "&E"(1)] "→E" "&I" by blast
8358    AOT_thus az [R]za] & ¬az [R]za]
8359      using 0 "&I" by blast
8360  qed
8361  AOT_hence y(A!y & z [R]za] = z [R]zy] & ¬yz [R]za])
8362    by (rule a_prop[THEN "&E"(2), THEN "∀E"(1), THEN "≡E"(1), rotated])
8363       "cqt:2"
8364  then AOT_obtain b where b_prop:
8365    A!b & z [R]za] = z [R]zb] & ¬bz [R]za]
8366    using "∃E"[rotated] by blast
8367  AOT_have a  b
8368    apply (rule "≡dfI"[OF "=-infix"])
8369    using a_enc b_prop[THEN "&E"(2)]
8370    using "¬¬I" "rule=E" id_sym "≡E"(4) "oth-class-taut:3:a"
8371          "raa-cor:3" "reductio-aa:1" by fast
8372  AOT_hence A!a & A!b & a  b & z [R]za] = z [R]zb]
8373    using b_prop "&E" a_prop "&I" by meson
8374  AOT_hence y (A!a & A!y & a  y & z [R]za] = z [R]zy]) by (rule "∃I")
8375  AOT_thus xy (A!x & A!y & x  y & z [R]zx] = z [R]zy]) by (rule "∃I")
8376qed
8377
8378AOT_theorem "aclassical:2":
8379  Rxy(A!x & A!y & x  y & z [R]xz] = z [R]yz])
8380proof(rule GEN)
8381  fix R
8382  AOT_obtain a where a_prop:
8383    A!a & F (a[F]  y(A!y & F = z [R]yz] & ¬y[F]))
8384    using "A-objects"[axiom_inst] "∃E"[rotated] by fast
8385  AOT_have a_enc: az [R]az]
8386  proof (rule "raa-cor:1")
8387    AOT_assume 0: ¬az [R]az]
8388    AOT_hence ¬y(A!y & z [R]az] = z [R]yz] & ¬yz [R]az])
8389      by (rule a_prop[THEN "&E"(2), THEN "∀E"(1)[where τ="«z [R]az]»"],
8390                THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
8391                THEN "≡E"(1), rotated])
8392         "cqt:2[lambda]"
8393    AOT_hence y ¬(A!y & z [R]az] = z [R]yz] & ¬yz [R]az])
8394      using "cqt-further:4" "vdash-properties:10" by blast
8395    AOT_hence ¬(A!a & z [R]az] = z [R]az] & ¬az [R]az])
8396      using "∀E" by blast
8397    AOT_hence (A!a & z [R]az] = z [R]az])  az [R]az]
8398      by (metis "&I" "deduction-theorem" "raa-cor:3")
8399    moreover AOT_have z [R]az] = z [R]az]
8400      by (rule "=I") "cqt:2[lambda]"
8401    ultimately AOT_have az [R]az]
8402      using a_prop[THEN "&E"(1)] "→E" "&I" by blast
8403    AOT_thus az [R]az] & ¬az [R]az]
8404      using 0 "&I" by blast
8405  qed
8406  AOT_hence y(A!y & z [R]az] = z [R]yz] & ¬yz [R]az])
8407    by (rule a_prop[THEN "&E"(2), THEN "∀E"(1), THEN "≡E"(1), rotated])
8408       "cqt:2"
8409  then AOT_obtain b where b_prop:
8410    A!b & z [R]az] = z [R]bz] & ¬bz [R]az]
8411    using "∃E"[rotated] by blast
8412  AOT_have a  b
8413    apply (rule "≡dfI"[OF "=-infix"])
8414    using a_enc b_prop[THEN "&E"(2)]
8415    using "¬¬I" "rule=E" id_sym "≡E"(4) "oth-class-taut:3:a"
8416          "raa-cor:3" "reductio-aa:1" by fast
8417  AOT_hence A!a & A!b & a  b & z [R]az] = z [R]bz]
8418    using b_prop "&E" a_prop "&I" by meson
8419  AOT_hence y (A!a & A!y & a  y & z [R]az] = z [R]yz]) by (rule "∃I")
8420  AOT_thus xy (A!x & A!y & x  y & z [R]xz] = z [R]yz]) by (rule "∃I")
8421qed
8422
8423AOT_theorem "aclassical:3":
8424  Fxy(A!x & A!y & x  y &  [F]x] =  [F]y])
8425proof(rule GEN)
8426  fix R
8427  AOT_obtain a where a_prop:
8428    A!a & F (a[F]  y(A!y & F = z [R]y] & ¬y[F]))
8429    using "A-objects"[axiom_inst] "∃E"[rotated] by fast
8430  AOT_have den: z [R]a] by "cqt:2[lambda]"
8431  AOT_have a_enc: az [R]a]
8432  proof (rule "raa-cor:1")
8433    AOT_assume 0: ¬az [R]a]
8434    AOT_hence ¬y(A!y & z [R]a] = z [R]y] & ¬yz [R]a])
8435      by (safe intro!: a_prop[THEN "&E"(2), THEN "∀E"(1)[where τ=«z [R]a]»],
8436                THEN "oth-class-taut:4:b"[THEN "≡E"(1)],
8437                THEN "≡E"(1), rotated] "cqt:2") 
8438    AOT_hence y ¬(A!y & z [R]a] = z [R]y] & ¬yz [R]a])
8439      using "cqt-further:4" "→E" by blast
8440    AOT_hence ¬(A!a & z [R]a] = z [R]a] & ¬az [R]a]) using "∀E" by blast
8441    AOT_hence (A!a & z [R]a] = z [R]a])  az [R]a]
8442      by (metis "&I" "deduction-theorem" "raa-cor:3")
8443    AOT_hence az [R]a]
8444      using a_prop[THEN "&E"(1)] "→E" "&I"
8445      by (metis "rule=I:1" den)
8446    AOT_thus az [R]a] & ¬az [R]a]  by (metis "0" "raa-cor:3") 
8447  qed
8448  AOT_hence y(A!y & z [R]a] = z [R]y] & ¬yz [R]a])
8449    by (rule a_prop[THEN "&E"(2), THEN "∀E"(1), OF den, THEN "≡E"(1), rotated])
8450  then AOT_obtain b where b_prop: A!b & z [R]a] = z [R]b] & ¬bz [R]a]
8451    using "∃E"[rotated] by blast
8452  AOT_have 1: a  b
8453    apply (rule "≡dfI"[OF "=-infix"])
8454    using a_enc b_prop[THEN "&E"(2)]
8455    using "¬¬I" "rule=E" id_sym "≡E"(4) "oth-class-taut:3:a"
8456          "raa-cor:3" "reductio-aa:1" by fast
8457  AOT_have a:  [R]a] = ([R]a)
8458    apply (rule "lambda-predicates:3[zero]"[axiom_inst, unvarify p])
8459    by (meson "log-prop-prop:2")
8460  AOT_have b:  [R]b] = ([R]b)
8461    apply (rule "lambda-predicates:3[zero]"[axiom_inst, unvarify p])
8462    by (meson "log-prop-prop:2")
8463  AOT_have  [R]a] =  [R]b]
8464    apply (rule "rule=E"[rotated, OF a[THEN id_sym]])
8465    apply (rule "rule=E"[rotated, OF b[THEN id_sym]])
8466    apply (rule "identity:4"[THEN "≡dfI", OF "&I", rotated])
8467    using b_prop "&E" apply blast
8468    apply (safe intro!: "&I")
8469    by (simp add: "log-prop-prop:2")+
8470  AOT_hence A!a & A!b & a  b &  [R]a] =  [R]b]
8471    using 1 a_prop[THEN "&E"(1)] b_prop[THEN "&E"(1), THEN "&E"(1)]
8472          "&I" by auto
8473  AOT_hence y (A!a & A!y & a  y &  [R]a] =  [R]y]) by (rule "∃I")
8474  AOT_thus xy (A!x & A!y & x  y &  [R]x] =  [R]y]) by (rule "∃I")
8475qed
8476
8477AOT_theorem aclassical2: xy (A!x & A!y & x  y & F ([F]x  [F]y))
8478proof -
8479  AOT_have x y ([A!]x & [A!]y & x  y &
8480               z xy F ([F]x  [F]y)]zx] =
8481               z xy F ([F]x  [F]y)]zy])
8482    by (rule "aclassical:1"[THEN "∀E"(1)[where τ="«xy F ([F]x  [F]y)]»"]])
8483       "cqt:2"
8484  then AOT_obtain x where y ([A!]x & [A!]y & x  y &
8485               z xy F ([F]x  [F]y)]zx] =
8486               z xy F ([F]x  [F]y)]zy])
8487    using "∃E"[rotated] by blast
8488  then AOT_obtain y where 0: ([A!]x & [A!]y & x  y &
8489               z xy F ([F]x  [F]y)]zx] =
8490               z xy F ([F]x  [F]y)]zy])
8491    using "∃E"[rotated] by blast
8492  AOT_have z xy F ([F]x  [F]y)]zx]x
8493    by (auto intro!: "β←C"(1) "cqt:2";
8494        simp add: "&I" "ex:1:a" prod_denotesI "rule-ui:3"
8495                  "oth-class-taut:3:a" "universal-cor")
8496  AOT_hence z xy F ([F]x  [F]y)]zy]x
8497    by (rule "rule=E"[rotated, OF 0[THEN "&E"(2)]])
8498  AOT_hence xy F ([F]x  [F]y)]xy
8499    by (rule "β→C"(1))
8500  AOT_hence F ([F]x  [F]y)
8501    using "β→C"(1) old.prod.case by fast
8502  AOT_hence [A!]x & [A!]y & x  y & F ([F]x  [F]y)
8503    using 0 "&E" "&I" by blast
8504  AOT_hence y ([A!]x & [A!]y & x  y & F ([F]x  [F]y)) by (rule "∃I")
8505  AOT_thus xy ([A!]x & [A!]y & x  y & F ([F]x  [F]y)) by (rule "∃I"(2))
8506qed
8507
8508AOT_theorem "kirchner-thm:1":
8509  x φ{x}]  xy(F([F]x  [F]y)  (φ{x}  φ{y}))
8510proof(rule "≡I"; rule "→I")
8511  AOT_assume x φ{x}]
8512  AOT_hence x φ{x}] by (metis "exist-nec" "vdash-properties:10")
8513  moreover AOT_have x φ{x}]  xy(F([F]x  [F]y)  (φ{x}  φ{y}))
8514  proof (rule "RM:1"; rule "→I"; rule GEN; rule GEN; rule "→I")
8515    AOT_modally_strict {
8516      fix x y
8517      AOT_assume 0: x φ{x}]
8518      moreover AOT_assume F([F]x  [F]y)
8519      ultimately AOT_have x φ{x}]x  x φ{x}]y
8520        using "∀E" by blast
8521      AOT_thus (φ{x}  φ{y})
8522        using "beta-C-meta"[THEN "→E", OF 0] "≡E"(6) by meson
8523    }
8524  qed
8525  ultimately AOT_show xy(F([F]x  [F]y)  (φ{x}  φ{y}))
8526    using "→E" by blast
8527next
8528  AOT_have xy(F([F]x  [F]y)  (φ{x}  φ{y})) 
8529            y(x(F([F]x  [F]y) & φ{x})  φ{y})
8530  proof(rule "RM:1"; rule "→I"; rule GEN)
8531    AOT_modally_strict {
8532      AOT_assume xy(F([F]x  [F]y)  (φ{x}  φ{y}))
8533      AOT_hence indisc: φ{x}  φ{y} if F([F]x  [F]y) for x y
8534        using "∀E"(2) "→E" that by blast
8535      AOT_show (x(F([F]x  [F]y) & φ{x})  φ{y}) for y
8536      proof (rule "raa-cor:1")
8537        AOT_assume ¬(x(F([F]x  [F]y) & φ{x})  φ{y})
8538        AOT_hence (x(F([F]x  [F]y) & φ{x}) & ¬φ{y}) 
8539                   (¬(x(F([F]x  [F]y) & φ{x})) & φ{y})
8540          using "≡E"(1) "oth-class-taut:4:h" by blast
8541        moreover {
8542          AOT_assume 0: x(F([F]x  [F]y) & φ{x}) & ¬φ{y}
8543          AOT_obtain a where F([F]a  [F]y) & φ{a}
8544            using "∃E"[rotated, OF 0[THEN "&E"(1)]]  by blast
8545          AOT_hence φ{y}
8546            using indisc[THEN "≡E"(1)] "&E" by blast
8547          AOT_hence p & ¬p for p
8548            using 0[THEN "&E"(2)] "&I" "raa-cor:3" by blast
8549        }
8550        moreover {
8551          AOT_assume 0: (¬(x(F([F]x  [F]y) & φ{x})) & φ{y})
8552          AOT_hence x ¬(F([F]x  [F]y) & φ{x})
8553            using "&E"(1) "cqt-further:4" "→E" by blast
8554          AOT_hence ¬(F([F]y  [F]y) & φ{y})
8555            using "∀E" by blast
8556          AOT_hence ¬F([F]y  [F]y)  ¬φ{y}
8557            using "≡E"(1) "oth-class-taut:5:c" by blast
8558          moreover AOT_have F([F]y  [F]y)
8559            by (simp add: "oth-class-taut:3:a" "universal-cor")
8560          ultimately AOT_have ¬φ{y} by (metis "¬¬I" "∨E"(2))
8561          AOT_hence p & ¬p for p
8562            using 0[THEN "&E"(2)] "&I" "raa-cor:3" by blast
8563        }
8564        ultimately AOT_show p & ¬p for p
8565          using "∨E"(3) "raa-cor:1" by blast
8566      qed
8567    }
8568  qed
8569  moreover AOT_assume xy(F([F]x  [F]y)  (φ{x}  φ{y}))
8570  ultimately AOT_have y(x(F([F]x  [F]y) & φ{x})  φ{y})
8571    using "→E" by blast
8572  AOT_thus x φ{x}]
8573    by (rule "safe-ext"[axiom_inst, THEN "→E", OF "&I", rotated]) "cqt:2"
8574qed
8575
8576AOT_theorem "kirchner-thm:2":
8577  x1...xn φ{x1...xn}]  x1...∀xny1...∀yn
8578    (F([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
8579proof(rule "≡I"; rule "→I")
8580  AOT_assume x1...xn φ{x1...xn}]
8581  AOT_hence x1...xn φ{x1...xn}] by (metis "exist-nec" "→E")
8582  moreover AOT_have x1...xn φ{x1...xn}]  x1...∀xny1...∀yn
8583    (F([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
8584  proof (rule "RM:1"; rule "→I"; rule GEN; rule GEN; rule "→I")
8585    AOT_modally_strict {
8586      fix x1xn y1yn :: 'a AOT_var›
8587      AOT_assume 0: x1...xn φ{x1...xn}]
8588      moreover AOT_assume F([F]x1...xn  [F]y1...yn)
8589      ultimately AOT_have x1...xn φ{x1...xn}]x1...xn 
8590                           x1...xn φ{x1...xn}]y1...yn
8591        using "∀E" by blast
8592      AOT_thus (φ{x1...xn}  φ{y1...yn})
8593        using "beta-C-meta"[THEN "→E", OF 0] "≡E"(6) by meson
8594    }
8595  qed
8596  ultimately AOT_show x1...∀xny1...∀yn(
8597    F([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn})
8598  )
8599    using "→E" by blast
8600next
8601  AOT_have 8602    (x1...∀xny1...∀yn
8603      (F([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn})))
8604     y1...∀yn
8605        ((x1...∃xn(F([F]x1...xn  [F]y1...yn) & φ{x1...xn})) 
8606         φ{y1...yn})
8607  proof(rule "RM:1"; rule "→I"; rule GEN)
8608    AOT_modally_strict {
8609      AOT_assume x1...∀xny1...∀yn
8610        (F([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
8611      AOT_hence indisc: φ{x1...xn}  φ{y1...yn}
8612        if F([F]x1...xn  [F]y1...yn) for x1xn y1yn
8613        using "∀E"(2) "→E" that by blast
8614      AOT_show (x1...∃xn(F([F]x1...xn  [F]y1...yn) & φ{x1...xn})) 
8615                φ{y1...yn} for y1yn
8616      proof (rule "raa-cor:1")
8617        AOT_assume ¬((x1...∃xn(F([F]x1...xn  [F]y1...yn) & φ{x1...xn})) 
8618                    φ{y1...yn})
8619        AOT_hence ((x1...∃xn(F([F]x1...xn  [F]y1...yn)
8620                    & φ{x1...xn}))
8621                    & ¬φ{y1...yn}) 
8622                  (¬(x1...∃xn(F([F]x1...xn  [F]y1...yn) & φ{x1...xn}))
8623                   & φ{y1...yn})
8624          using "≡E"(1) "oth-class-taut:4:h" by blast
8625        moreover {
8626          AOT_assume 0: (x1...∃xn(F([F]x1...xn  [F]y1...yn) & φ{x1...xn}))
8627                         & ¬φ{y1...yn}
8628          AOT_obtain a1an where F([F]a1...an  [F]y1...yn) & φ{a1...an}
8629            using "∃E"[rotated, OF 0[THEN "&E"(1)]]  by blast
8630          AOT_hence φ{y1...yn}
8631            using indisc[THEN "≡E"(1)] "&E" by blast
8632          AOT_hence p & ¬p for p
8633            using 0[THEN "&E"(2)] "&I" "raa-cor:3" by blast
8634        }
8635        moreover {
8636          AOT_assume 0: ¬(x1...∃xn(F([F]x1...xn  [F]y1...yn) & φ{x1...xn}))
8637                         & φ{y1...yn}
8638          AOT_hence x1...∀xn ¬(F([F]x1...xn  [F]y1...yn) & φ{x1...xn})
8639            using "&E"(1) "cqt-further:4" "→E" by blast
8640          AOT_hence ¬(F([F]y1...yn  [F]y1...yn) & φ{y1...yn})
8641            using "∀E" by blast
8642          AOT_hence ¬F([F]y1...yn  [F]y1...yn)  ¬φ{y1...yn}
8643            using "≡E"(1) "oth-class-taut:5:c" by blast
8644          moreover AOT_have F([F]y1...yn  [F]y1...yn)
8645            by (simp add: "oth-class-taut:3:a" "universal-cor")
8646          ultimately AOT_have ¬φ{y1...yn}
8647            by (metis "¬¬I" "∨E"(2))
8648          AOT_hence p & ¬p for p
8649            using 0[THEN "&E"(2)] "&I" "raa-cor:3" by blast
8650        }
8651        ultimately AOT_show p & ¬p for p
8652          using "∨E"(3) "raa-cor:1" by blast
8653      qed
8654    }
8655  qed
8656  moreover AOT_assume x1...∀xny1...∀yn
8657    (F([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
8658  ultimately AOT_have y1...∀yn
8659    ((x1...∃xn(F([F]x1...xn  [F]y1...yn) & φ{x1...xn})) 
8660     φ{y1...yn})
8661    using "→E" by blast
8662  AOT_thus x1...xn φ{x1...xn}]
8663    by (rule "safe-ext"[axiom_inst, THEN "→E", OF "&I", rotated]) "cqt:2"
8664qed
8665
8666AOT_theorem "kirchner-thm-cor:1":
8667  x φ{x}]  xy(F([F]x  [F]y)  (φ{x}  φ{y}))
8668proof(rule "→I"; rule GEN; rule GEN; rule "→I")
8669  fix x y
8670  AOT_assume x φ{x}]
8671  AOT_hence xy (F ([F]x  [F]y)  (φ{x}  φ{y}))
8672    by (rule "kirchner-thm:1"[THEN "≡E"(1)])
8673  AOT_hence xy (F ([F]x  [F]y)  (φ{x}  φ{y}))
8674    using CBF[THEN "→E"] by blast
8675  AOT_hence y (F ([F]x  [F]y)  (φ{x}  φ{y}))
8676    using "∀E" by blast
8677  AOT_hence y (F ([F]x  [F]y)  (φ{x}  φ{y}))
8678    using CBF[THEN "→E"] by blast
8679  AOT_hence (F ([F]x  [F]y)  (φ{x}  φ{y}))
8680    using "∀E" by blast
8681  AOT_hence F ([F]x  [F]y)  (φ{x}  φ{y})
8682    using "qml:1"[axiom_inst] "vdash-properties:6" by blast
8683  moreover AOT_assume F([F]x  [F]y)
8684  ultimately AOT_show (φ{x}  φ{y}) using "→E" "ind-nec" by blast
8685qed
8686
8687AOT_theorem "kirchner-thm-cor:2":
8688  x1...xn φ{x1...xn}]  x1...∀xny1...∀yn
8689    (F([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
8690proof(rule "→I"; rule GEN; rule GEN; rule "→I")
8691  fix x1xn y1yn
8692  AOT_assume x1...xn φ{x1...xn}]
8693  AOT_hence 0: x1...∀xny1...∀yn
8694    (F ([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
8695    by (rule "kirchner-thm:2"[THEN "≡E"(1)])
8696  AOT_have x1...∀xny1...∀yn
8697    (F ([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
8698  proof(rule GEN; rule GEN)
8699    fix x1xn y1yn
8700    AOT_show (F ([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
8701      apply (rule "RM:1"[THEN "→E", rotated, OF 0]; rule "→I")
8702      using "∀E" by blast
8703  qed
8704  AOT_hence y1...∀yn (F ([F]x1...xn  [F]y1...yn) 
8705                         (φ{x1...xn}  φ{y1...yn}))
8706    using "∀E" by blast
8707  AOT_hence (F ([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
8708    using "∀E" by blast
8709  AOT_hence (F ([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn}))
8710    using "∀E" by blast
8711  AOT_hence 0: F ([F]x1...xn  [F]y1...yn)  (φ{x1...xn}  φ{y1...yn})
8712    using "qml:1"[axiom_inst] "vdash-properties:6" by blast
8713  moreover AOT_assume F([F]x1...xn  [F]y1...yn)
8714  moreover AOT_have x1...xn F ([F]x1...xn  [F]y1...yn)] by "cqt:2"
8715  ultimately AOT_have x1...xn F ([F]x1...xn  [F]y1...yn)]x1...xn 
8716                       x1...xn F ([F]x1...xn  [F]y1...yn)]y1...yn
8717    using "∀E" by blast
8718  moreover AOT_have x1...xn F ([F]x1...xn  [F]y1...yn)]y1...yn
8719    apply (rule "β←C"(1))
8720      apply "cqt:2[lambda]"
8721     apply (fact "cqt:2[const_var]"[axiom_inst])
8722    by (simp add: RN GEN "oth-class-taut:3:a")
8723  ultimately AOT_have x1...xn F ([F]x1...xn  [F]y1...yn)]x1...xn
8724    using "≡E"(2) by blast
8725  AOT_hence F ([F]x1...xn  [F]y1...yn)
8726    using "β→C"(1) by blast
8727  AOT_thus (φ{x1...xn}  φ{y1...yn}) using "→E" 0 by blast
8728qed
8729
8730subsection‹Propositional Properties›
8731text‹\label{PLM: 9.12}›
8732
8733AOT_define propositional :: ‹Π  φ› (Propositional'(_'))
8734  "prop-prop1": Propositional([F]) df p(F = y p])
8735
8736AOT_theorem "prop-prop2:1": p y p]
8737  by (rule GEN) "cqt:2[lambda]"
8738
8739AOT_theorem "prop-prop2:2": ν φ]
8740  by "cqt:2[lambda]"
8741
8742AOT_theorem "prop-prop2:3": F = y p]  x([F]x  p)
8743proof (rule "→I")
8744  AOT_assume 0: F = y p]
8745  AOT_show x([F]x  p)
8746    by (rule "rule=E"[rotated, OF 0[symmetric]];
8747        rule RN; rule GEN; rule "beta-C-meta"[THEN "→E"])
8748      "cqt:2[lambda]"
8749qed
8750
8751AOT_theorem "prop-prop2:4": Propositional([F])  Propositional([F])
8752proof(rule "→I")
8753  AOT_assume Propositional([F])
8754  AOT_hence p(F = y p])
8755    using "≡dfE"[OF "prop-prop1"] by blast
8756  then AOT_obtain p where F = y p]
8757    using "∃E"[rotated] by blast
8758  AOT_hence (F = y p])
8759    using "id-nec:2" "modus-tollens:1" "raa-cor:3" by blast
8760  AOT_hence p (F = y p])
8761    using "∃I" by fast
8762  AOT_hence 0: p (F = y p])
8763    by (metis Buridan "vdash-properties:10")
8764  AOT_thus Propositional([F])
8765    using "prop-prop1"[THEN "≡Df"]
8766    by (AOT_subst Propositional([F]) p (F = y p])) auto
8767qed
8768
8769AOT_define indicriminate :: ‹Π  φ› ("Indiscriminate'(_')")
8770  "prop-indis": Indiscriminate([F]) df F & (x [F]x  x [F]x)
8771
8772AOT_theorem "prop-in-thm": Propositional([Π])  Indiscriminate([Π])
8773proof(rule "→I")
8774  AOT_assume Propositional([Π])
8775  AOT_hence p Π = y p] using "≡dfE"[OF "prop-prop1"] by blast
8776  then AOT_obtain p where Π_def: Π = y p] using "∃E"[rotated] by blast
8777  AOT_show Indiscriminate([Π])
8778  proof (rule "≡dfI"[OF "prop-indis"]; rule "&I")
8779    AOT_show Π
8780      using Π_def by (meson "t=t-proper:1" "vdash-properties:6")
8781  next
8782    AOT_show (x [Π]x  x [Π]x)
8783    proof (rule "rule=E"[rotated, OF Π_def[symmetric]];
8784           rule RN; rule "→I"; rule GEN)
8785      AOT_modally_strict {
8786        AOT_assume x y p]x
8787        then AOT_obtain a where y p]a using "∃E"[rotated] by blast
8788        AOT_hence 0: p by (metis "β→C"(1))
8789        AOT_show y p]x for x
8790          apply (rule "β←C"(1))
8791            apply "cqt:2[lambda]"
8792           apply (fact "cqt:2[const_var]"[axiom_inst])
8793          by (fact 0)
8794      }
8795    qed
8796  qed
8797qed
8798
8799AOT_theorem "prop-in-f:1": Necessary([F])  Indiscriminate([F])
8800proof (rule "→I")
8801  AOT_assume Necessary([F])
8802  AOT_hence 0: x1...∀xn [F]x1...xn
8803    using "≡dfE"[OF "contingent-properties:1"] by blast
8804  AOT_show Indiscriminate([F])
8805    by (rule "≡dfI"[OF "prop-indis"])
8806       (metis "0" "KBasic:1" "&I" "ex:1:a" "rule-ui:2[const_var]" "→E") 
8807qed
8808
8809AOT_theorem "prop-in-f:2": Impossible([F])  Indiscriminate([F])
8810proof (rule "→I")
8811  AOT_modally_strict {
8812    AOT_have x ¬[F]x  (x [F]x  x [F]x)
8813      by (metis "∃E" "cqt-orig:3" "Hypothetical Syllogism" "→I" "raa-cor:3")
8814  }
8815  AOT_hence 0: x ¬[F]x  (x [F]x  x [F]x)
8816    by (rule "RM:1")
8817  AOT_assume Impossible([F])
8818  AOT_hence x ¬[F]x
8819    using "≡dfE"[OF "contingent-properties:2"] "&E" by blast
8820  AOT_hence 1: (x [F]x  x [F]x)
8821    using 0 "→E" by blast
8822  AOT_show Indiscriminate([F])
8823    by (rule "≡dfI"[OF "prop-indis"]; rule "&I")
8824       (simp add: "ex:1:a" "rule-ui:2[const_var]" 1)+
8825qed
8826
8827AOT_theorem "prop-in-f:3:a": ¬Indiscriminate([E!])
8828proof(rule "raa-cor:2")
8829  AOT_assume Indiscriminate([E!])
8830  AOT_hence 0: (x [E!]x  x [E!]x)
8831    using "≡dfE"[OF "prop-indis"] "&E" by blast
8832  AOT_hence x [E!]x  x [E!]x
8833    using "KBasic:13" "vdash-properties:10" by blast
8834  moreover AOT_have x [E!]x
8835    by (simp add: "thm-cont-e:3")
8836  ultimately AOT_have x [E!]x
8837    by (metis "vdash-properties:6")
8838  AOT_thus p & ¬p for p
8839    by (metis "≡dfE" "conventions:5" "o-objects-exist:5" "reductio-aa:1")
8840qed
8841
8842AOT_theorem "prop-in-f:3:b": ¬Indiscriminate([E!]-)
8843proof (rule "rule=E"[rotated, OF "rel-neg-T:2"[symmetric]];
8844       rule "raa-cor:2")
8845  AOT_assume Indiscriminate(x ¬[E!]x])
8846  AOT_hence 0: (x x ¬[E!]x]x  x x ¬[E!]x]x)
8847    using "≡dfE"[OF "prop-indis"] "&E" by blast
8848  AOT_hence x x ¬[E!]x]x  x x ¬[E!]x]x
8849    using "→E" "qml:1" "vdash-properties:1[2]" by blast
8850  moreover AOT_have x x ¬[E!]x]x
8851    apply (AOT_subst x ¬E!x]x ¬E!x for: x)
8852    apply (rule "beta-C-meta"[THEN "→E"])
8853     apply "cqt:2"
8854    by (metis (full_types) "B◇" RN "T◇" "cqt-further:2"
8855                           "o-objects-exist:5" "→E")
8856  ultimately AOT_have 1: x x ¬[E!]x]x
8857    by (metis "vdash-properties:6")
8858  AOT_hence x ¬[E!]x
8859    by (AOT_subst (reverse) ¬[E!]x  x ¬[E!]x]x for: x)
8860       (auto intro!: "cqt:2" "beta-C-meta"[THEN "→E"])
8861  AOT_hence x ¬[E!]x by (metis "CBF" "vdash-properties:10")
8862  moreover AOT_obtain a where abs_a: O!a
8863    using "∃E" "o-objects-exist:1" "qml:2"[axiom_inst] "→E" by blast
8864  ultimately AOT_have ¬[E!]a using "∀E" by blast
8865  AOT_hence 2: ¬[E!]a by (metis "≡dfE" "conventions:5" "reductio-aa:1")
8866  AOT_have A!a
8867    apply (rule "=dfI"(2)[OF AOT_abstract])
8868     apply "cqt:2[lambda]"
8869    apply (rule "β←C"(1))
8870      apply "cqt:2[lambda]"
8871    using "cqt:2[const_var]"[axiom_inst] apply blast
8872    by (fact 2)
8873  AOT_thus p & ¬p for p using abs_a
8874    by (metis "≡E"(1) "oa-contingent:2" "reductio-aa:1")
8875qed
8876
8877AOT_theorem "prop-in-f:3:c": ¬Indiscriminate(O!)
8878proof(rule "raa-cor:2")
8879  AOT_assume Indiscriminate(O!)
8880  AOT_hence 0: (x O!x  x O!x)
8881    using "≡dfE"[OF "prop-indis"] "&E" by blast
8882  AOT_hence x O!x  x O!x
8883    using "qml:1"[axiom_inst] "vdash-properties:6" by blast
8884  moreover AOT_have x O!x
8885    using "o-objects-exist:1" by blast
8886  ultimately AOT_have x O!x
8887    by (metis "vdash-properties:6")
8888  AOT_thus p & ¬p for p
8889    by (metis "o-objects-exist:3" "qml:2"[axiom_inst] "raa-cor:3" "→E")
8890qed
8891
8892AOT_theorem "prop-in-f:3:d": ¬Indiscriminate(A!)
8893proof(rule "raa-cor:2")
8894  AOT_assume Indiscriminate(A!)
8895  AOT_hence 0: (x A!x  x A!x)
8896    using "≡dfE"[OF "prop-indis"] "&E" by blast
8897  AOT_hence x A!x  x A!x
8898    using "qml:1"[axiom_inst] "vdash-properties:6" by blast
8899  moreover AOT_have x A!x
8900    using "o-objects-exist:2" by blast
8901  ultimately AOT_have x A!x
8902    by (metis "vdash-properties:6")
8903  AOT_thus p & ¬p for p
8904    by (metis "o-objects-exist:4" "qml:2"[axiom_inst] "raa-cor:3" "→E")
8905qed
8906
8907AOT_theorem "prop-in-f:4:a": ¬Propositional(E!)
8908  using "modus-tollens:1" "prop-in-f:3:a" "prop-in-thm" by blast
8909
8910AOT_theorem "prop-in-f:4:b": ¬Propositional(E!-)
8911  using "modus-tollens:1" "prop-in-f:3:b" "prop-in-thm" by blast
8912
8913AOT_theorem "prop-in-f:4:c": ¬Propositional(O!)
8914  using "modus-tollens:1" "prop-in-f:3:c" "prop-in-thm" by blast
8915
8916AOT_theorem "prop-in-f:4:d": ¬Propositional(A!)
8917  using "modus-tollens:1" "prop-in-f:3:d" "prop-in-thm" by blast
8918
8919AOT_theorem "prop-prop-nec:1": p (F = y p])  p(F = y p])
8920proof(rule "→I")
8921  AOT_assume p (F = y p])
8922  AOT_hence p (F = y p])
8923    by (metis "BF◇" "→E")
8924  then AOT_obtain p where (F = y p])
8925    using "∃E"[rotated] by blast
8926  AOT_hence F = y p]
8927    by (metis "derived-S5-rules:2" emptyE "id-nec:2" "→E")
8928  AOT_thus p(F = y p]) by (rule "∃I")
8929qed
8930
8931AOT_theorem "prop-prop-nec:2": p (F  y p])  p(F  y p])
8932proof(rule "→I")
8933  AOT_assume p (F  y p])
8934  AOT_hence (F  y p]) for p
8935    using "∀E" by blast
8936  AOT_hence (F  y p]) for p
8937    by (rule "id-nec2:2"[unvarify β, THEN "→E", rotated]) "cqt:2"
8938  AOT_hence p (F  y p]) by (rule GEN)
8939  AOT_thus p (F  y p]) using BF[THEN "→E"] by fast
8940qed
8941
8942AOT_theorem "prop-prop-nec:3": p (F = y p])  p(F = y p])
8943proof(rule "→I")
8944  AOT_assume p (F = y p])
8945  then AOT_obtain p where (F = y p]) using "∃E"[rotated] by blast
8946  AOT_hence (F = y p]) by (metis "id-nec:2" "→E")
8947  AOT_hence p(F = y p]) by (rule "∃I")
8948  AOT_thus p(F = y p]) by (metis Buridan "→E")
8949qed
8950
8951AOT_theorem "prop-prop-nec:4": p (F  y p])  p(F  y p])
8952proof(rule "→I")
8953  AOT_assume p (F  y p])
8954  AOT_hence p (F  y p]) by (metis "Buridan◇" "→E")
8955  AOT_hence (F  y p]) for p
8956    using "∀E" by blast
8957  AOT_hence F  y p] for p
8958    by (rule "id-nec2:3"[unvarify β, THEN "→E", rotated]) "cqt:2"
8959  AOT_thus p (F  y p]) by (rule GEN)
8960qed
8961
8962AOT_theorem "enc-prop-nec:1":
8963  F (x[F]  p(F = y p]))  F(x[F]  p (F = y p]))
8964proof(rule "→I"; rule GEN; rule "→I")
8965  fix F
8966  AOT_assume F (x[F]  p(F = y p]))
8967  AOT_hence F (x[F]  p(F = y p]))
8968    using "Buridan◇" "vdash-properties:10" by blast
8969  AOT_hence 0: (x[F]  p(F = y p])) using "∀E" by blast
8970  AOT_assume x[F]
8971  AOT_hence x[F] by (metis "en-eq:2[1]" "≡E"(1))
8972  AOT_hence p(F = y p])
8973    using 0 by (metis "KBasic2:4" "≡E"(1) "vdash-properties:10")
8974  AOT_thus p(F = y p])
8975    using "prop-prop-nec:1"[THEN "→E"] by blast
8976qed
8977
8978AOT_theorem "enc-prop-nec:2":
8979  F (x[F]  p(F = y p]))  F(x[F]  p (F = y p]))
8980  using "derived-S5-rules:1"[where Γ="{}", simplified, OF "enc-prop-nec:1"]
8981  by blast
8982
8983(*<*)
8984end
8985(*>*)